Personalized recommendations with customized recommender

The different recommender engines are very useful and provide powerful insights. However, that insights are based on generic rules.
For instance, you will have IAM recommendations (to reduce the permissions granted on an account) after 90 days of observation. It could be too much, or too few according to your use cases.

The first step is to extract the current configuration. For that, you must have the Recommender Viewer role (in our case IAM Recommender Viewer role).

And finally, use the gcloud CLI to get the config and visualize the result

A typical result is the following

You can note the P90D that define the 90 days of observation by default

To update your configuration with the CLI, you need 2 things:

You can use the describe command with JQ to extract the current parameter and save the result in a file, paramsConfig.json here (in JSON format)

And then, update the parameter value. For instance, P30D for 30 days of observability instead of 90 by default.

Next, the etag value. Same, with describe andJQ, but to save the result in a variable, ETAG here.

Finally, put it all together in a final command. Use the paramsConfig.json and the etag value

You must have the Recommender Admin role (in our case IAM Recommender Admin role).

The command successfully applied, you can again perform a describe (the first section) to confirm that the correct value is set.

As you can see, the developer experience isn’t good. Extracting a part of the API response, getting the etag separately, it’s so boring.

Firstly, get the current configuration as is in JSON, and save the result in a file, recommender-iam.json for instance

Either with the CLI as before.

Or with the API directly

Note that you can use the CLI to get the access token to be authenticated.
If you use your user account, you have to mention the “consumer project” with the x-goog-user-project header.
If you use a service account, you can remove it.

After the save, update the content; change the P90D to P30D for instance

The interesting part comes here. Keep the extracted JSON as is. No etag or params to extract!

I already shared that easiest way with the engineering team. I hope the CLI will be better soon!

Recommender customization is only at the beginning and all the recommenders aren’t customizable yet.

In addition, some mandatory components are missing, like the Terraform module to be able to set the recommender parameter directly with the IaC.

Anyway, you can start to think and to define your policies and how you want to be recommended to optimize your cloud environment!

Related posts:

When I lost my virginity at the age of 17, I didn’t know much about sex. Pretty much everything I knew I learned in health class. When my friends would talk about sex, which wasn’t often, I would nod…

Start Investing In Cryptocurrencies Today With This Ultimate Guide About Strategic Trading Concepts To Explore And More

Suara bel yang ditekan seseorang dari balik pintu mengganggu konsentrasinya. Cia yang pada saat itu sibuk menulis sesuatu di atas selembar kertas, berdiri, untuk kemudian berjalan perlahan menuju…