1*d5c09012SAndroid Build Coastguard Workertype: google.api.Service 2*d5c09012SAndroid Build Coastguard Workerconfig_version: 3 3*d5c09012SAndroid Build Coastguard Workername: servicecontrol.googleapis.com 4*d5c09012SAndroid Build Coastguard Workertitle: Service Control API 5*d5c09012SAndroid Build Coastguard Worker 6*d5c09012SAndroid Build Coastguard Workerapis: 7*d5c09012SAndroid Build Coastguard Worker- name: google.api.servicecontrol.v2.ServiceController 8*d5c09012SAndroid Build Coastguard Worker 9*d5c09012SAndroid Build Coastguard Workerdocumentation: 10*d5c09012SAndroid Build Coastguard Worker summary: |- 11*d5c09012SAndroid Build Coastguard Worker Provides admission control and telemetry reporting for services integrated 12*d5c09012SAndroid Build Coastguard Worker with Service Infrastructure. 13*d5c09012SAndroid Build Coastguard Worker overview: |- 14*d5c09012SAndroid Build Coastguard Worker Google Service Control provides control plane functionality to managed 15*d5c09012SAndroid Build Coastguard Worker services, such as logging, monitoring, and status checks. This page 16*d5c09012SAndroid Build Coastguard Worker provides an overview of what it does and how it works. 17*d5c09012SAndroid Build Coastguard Worker 18*d5c09012SAndroid Build Coastguard Worker ## Why use Service Control? 19*d5c09012SAndroid Build Coastguard Worker 20*d5c09012SAndroid Build Coastguard Worker When you develop a cloud service, you typically start with the business 21*d5c09012SAndroid Build Coastguard Worker requirements and the architecture design, then proceed with API definition 22*d5c09012SAndroid Build Coastguard Worker and implementation. Before you put your service into production, you 23*d5c09012SAndroid Build Coastguard Worker need to deal with many control plane issues: 24*d5c09012SAndroid Build Coastguard Worker 25*d5c09012SAndroid Build Coastguard Worker * How to control access to your service. 26*d5c09012SAndroid Build Coastguard Worker * How to send logging and monitoring data to both consumers and producers. 27*d5c09012SAndroid Build Coastguard Worker * How to create and manage dashboards to visualize this data. 28*d5c09012SAndroid Build Coastguard Worker * How to automatically scale the control plane components with your 29*d5c09012SAndroid Build Coastguard Worker service. 30*d5c09012SAndroid Build Coastguard Worker 31*d5c09012SAndroid Build Coastguard Worker Service Control is a mature and feature-rich control plane provider 32*d5c09012SAndroid Build Coastguard Worker that addresses these needs with high efficiency, high scalability, 33*d5c09012SAndroid Build Coastguard Worker and high availability. It provides a simple public API that can be 34*d5c09012SAndroid Build Coastguard Worker accessed from anywhere using JSON REST and gRPC clients, so when you move 35*d5c09012SAndroid Build Coastguard Worker your service from on-premise to a cloud provider, or from one cloud 36*d5c09012SAndroid Build Coastguard Worker provider to another, you don't need to change the control plane provider. 37*d5c09012SAndroid Build Coastguard Worker 38*d5c09012SAndroid Build Coastguard Worker Services built using Google Cloud Endpoints already take advantage of 39*d5c09012SAndroid Build Coastguard Worker Service Control. Cloud Endpoints sends logging and monitoring data 40*d5c09012SAndroid Build Coastguard Worker through Google Service Control for every request arriving at its 41*d5c09012SAndroid Build Coastguard Worker proxy. If you need to report any additional logging and monitoring data 42*d5c09012SAndroid Build Coastguard Worker for your Cloud Endpoints service, you can call the Service Control API 43*d5c09012SAndroid Build Coastguard Worker directly from your service. 44*d5c09012SAndroid Build Coastguard Worker 45*d5c09012SAndroid Build Coastguard Worker The Service Control API definition is open sourced and available on 46*d5c09012SAndroid Build Coastguard Worker [GitHub](https://github.com/googleapis/googleapis/tree/master/google/api/servicecontrol). By 47*d5c09012SAndroid Build Coastguard Worker changing the DNS name, you can easily use alternative implementations 48*d5c09012SAndroid Build Coastguard Worker of the Service Control API. 49*d5c09012SAndroid Build Coastguard Worker 50*d5c09012SAndroid Build Coastguard Worker ## Architecture 51*d5c09012SAndroid Build Coastguard Worker 52*d5c09012SAndroid Build Coastguard Worker Google Service Control works with a set of *managed services* and their 53*d5c09012SAndroid Build Coastguard Worker *operations* (activities), *checks* whether an operation is allowed to 54*d5c09012SAndroid Build Coastguard Worker proceed, and *reports* completed operations. Behind the scenes, it 55*d5c09012SAndroid Build Coastguard Worker leverages other 56*d5c09012SAndroid Build Coastguard Worker Google Cloud services, such as 57*d5c09012SAndroid Build Coastguard Worker [Google Service 58*d5c09012SAndroid Build Coastguard Worker Management](https://cloud.google.com/service-infrastructure/docs/service-management/getting-started), [Stackdriver 59*d5c09012SAndroid Build Coastguard Worker Logging](https://cloud.google.com/products/operations), and [Stackdriver 60*d5c09012SAndroid Build Coastguard Worker Monitoring](https://cloud.google.com/monitoring), while hiding their 61*d5c09012SAndroid Build Coastguard Worker complexity from service producers. It enables service 62*d5c09012SAndroid Build Coastguard Worker producers to send telemetry data to their consumers. It uses caching, 63*d5c09012SAndroid Build Coastguard Worker batching, aggregation, and retries to deliver higher performance and 64*d5c09012SAndroid Build Coastguard Worker availability than the individual backend systems it encapsulates. 65*d5c09012SAndroid Build Coastguard Worker 66*d5c09012SAndroid Build Coastguard Worker <figure id="fig-arch" class="center"> 67*d5c09012SAndroid Build Coastguard Worker <div style="width: 70%;margin: auto"> 68*d5c09012SAndroid Build Coastguard Worker <img src="/service-infrastructure/docs/service-control/images/arch.svg" 69*d5c09012SAndroid Build Coastguard Worker alt="The overall architecture of a service that uses Google Service 70*d5c09012SAndroid Build Coastguard Worker Control."> </div> <figcaption><b>Figure 1</b>: Using Google Service 71*d5c09012SAndroid Build Coastguard Worker Control.</figcaption> </figure> 72*d5c09012SAndroid Build Coastguard Worker 73*d5c09012SAndroid Build Coastguard Worker The Service Control API provides two methods: 74*d5c09012SAndroid Build Coastguard Worker 75*d5c09012SAndroid Build Coastguard Worker * 76*d5c09012SAndroid Build Coastguard Worker [`services.check`](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/services/check), 77*d5c09012SAndroid Build Coastguard Worker used for: 78*d5c09012SAndroid Build Coastguard Worker * Ensuring valid consumer status 79*d5c09012SAndroid Build Coastguard Worker * Validating API keys 80*d5c09012SAndroid Build Coastguard Worker * 81*d5c09012SAndroid Build Coastguard Worker [`services.report`](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/services/report), 82*d5c09012SAndroid Build Coastguard Worker used for: 83*d5c09012SAndroid Build Coastguard Worker * Sending logs to Stackdriver Logging 84*d5c09012SAndroid Build Coastguard Worker * Sending metrics to Stackdriver Monitoring 85*d5c09012SAndroid Build Coastguard Worker 86*d5c09012SAndroid Build Coastguard Worker We'll look at these in more detail in the rest of this overview. 87*d5c09012SAndroid Build Coastguard Worker 88*d5c09012SAndroid Build Coastguard Worker ## Managed services 89*d5c09012SAndroid Build Coastguard Worker 90*d5c09012SAndroid Build Coastguard Worker A [managed 91*d5c09012SAndroid Build Coastguard Worker service](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/services) is 92*d5c09012SAndroid Build Coastguard Worker a network service managed by 93*d5c09012SAndroid Build Coastguard Worker [Google Service 94*d5c09012SAndroid Build Coastguard Worker Management](https://cloud.google.com/service-infrastructure/docs/service-management/getting-started). Each 95*d5c09012SAndroid Build Coastguard Worker managed service has a unique name, such as `example.googleapis.com`, 96*d5c09012SAndroid Build Coastguard Worker which must be a valid fully-qualified DNS name, as per RFC 1035. 97*d5c09012SAndroid Build Coastguard Worker 98*d5c09012SAndroid Build Coastguard Worker For example: 99*d5c09012SAndroid Build Coastguard Worker 100*d5c09012SAndroid Build Coastguard Worker * Google Cloud Pub/Sub (`pubsub.googleapis.com`) 101*d5c09012SAndroid Build Coastguard Worker * Google Cloud Vision (`vision.googleapis.com`) 102*d5c09012SAndroid Build Coastguard Worker * Google Cloud Bigtable (`bigtable.googleapis.com`) 103*d5c09012SAndroid Build Coastguard Worker * Google Cloud Datastore (`datastore.googleapis.com`) 104*d5c09012SAndroid Build Coastguard Worker 105*d5c09012SAndroid Build Coastguard Worker Google Service Management manages the lifecycle of each service's 106*d5c09012SAndroid Build Coastguard Worker configuration, which is used to customize Google Service Control's 107*d5c09012SAndroid Build Coastguard Worker behavior. Service configurations are also used by Google Cloud Console for 108*d5c09012SAndroid Build Coastguard Worker displaying APIs and their settings, enabling/disabling APIs, and more. 109*d5c09012SAndroid Build Coastguard Worker 110*d5c09012SAndroid Build Coastguard Worker ## Operations 111*d5c09012SAndroid Build Coastguard Worker 112*d5c09012SAndroid Build Coastguard Worker Google Service Control uses the generic concept of an *operation* 113*d5c09012SAndroid Build Coastguard Worker to represent the activities of a managed service, such as API calls and 114*d5c09012SAndroid Build Coastguard Worker resource usage. Each operation is associated with a managed service and a 115*d5c09012SAndroid Build Coastguard Worker specific service consumer, and has a set of properties that describe the 116*d5c09012SAndroid Build Coastguard Worker operation, such as the API method name and resource usage amount. For more 117*d5c09012SAndroid Build Coastguard Worker information, see the 118*d5c09012SAndroid Build Coastguard Worker [Operation 119*d5c09012SAndroid Build Coastguard Worker definition](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/Operation). ## 120*d5c09012SAndroid Build Coastguard Worker Check 121*d5c09012SAndroid Build Coastguard Worker 122*d5c09012SAndroid Build Coastguard Worker The 123*d5c09012SAndroid Build Coastguard Worker [`services.check`](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/services/check) method 124*d5c09012SAndroid Build Coastguard Worker determines whether an operation should be allowed to proceed for a 125*d5c09012SAndroid Build Coastguard Worker managed service. 126*d5c09012SAndroid Build Coastguard Worker 127*d5c09012SAndroid Build Coastguard Worker For example: 128*d5c09012SAndroid Build Coastguard Worker 129*d5c09012SAndroid Build Coastguard Worker * Check if the consumer is still active. 130*d5c09012SAndroid Build Coastguard Worker * Check if the consumer has enabled the service. 131*d5c09012SAndroid Build Coastguard Worker * Check if the API key is still valid. 132*d5c09012SAndroid Build Coastguard Worker 133*d5c09012SAndroid Build Coastguard Worker By performing multiple checks within a single method call, it provides 134*d5c09012SAndroid Build Coastguard Worker better performance, higher reliability, and reduced development cost to 135*d5c09012SAndroid Build Coastguard Worker service producers compared to checking with multiple backend systems. 136*d5c09012SAndroid Build Coastguard Worker 137*d5c09012SAndroid Build Coastguard Worker ## Report 138*d5c09012SAndroid Build Coastguard Worker 139*d5c09012SAndroid Build Coastguard Worker The 140*d5c09012SAndroid Build Coastguard Worker [`services.report`](https://cloud.google.com/service-infrastructure/docs/service-control/reference/rest/v1/services/report) method 141*d5c09012SAndroid Build Coastguard Worker reports completed operations for a managed service to backend 142*d5c09012SAndroid Build Coastguard Worker systems, such as logging and monitoring. The reported data can be seen in 143*d5c09012SAndroid Build Coastguard Worker Google API Console and Google Cloud Console, and retrieved with 144*d5c09012SAndroid Build Coastguard Worker appropriate APIs, such as the Stackdriver Logging and Stackdriver 145*d5c09012SAndroid Build Coastguard Worker Monitoring APIs. 146*d5c09012SAndroid Build Coastguard Worker 147*d5c09012SAndroid Build Coastguard Worker ## Next steps 148*d5c09012SAndroid Build Coastguard Worker 149*d5c09012SAndroid Build Coastguard Worker * Read our [Getting Started 150*d5c09012SAndroid Build Coastguard Worker guide](https://cloud.google.com/service-infrastructure/docs/service-control/getting-started) 151*d5c09012SAndroid Build Coastguard Worker to find out how to set up and use the Google Service Control API. 152*d5c09012SAndroid Build Coastguard Worker 153*d5c09012SAndroid Build Coastguard Workerbackend: 154*d5c09012SAndroid Build Coastguard Worker rules: 155*d5c09012SAndroid Build Coastguard Worker - selector: google.api.servicecontrol.v2.ServiceController.Check 156*d5c09012SAndroid Build Coastguard Worker deadline: 5.0 157*d5c09012SAndroid Build Coastguard Worker - selector: google.api.servicecontrol.v2.ServiceController.Report 158*d5c09012SAndroid Build Coastguard Worker deadline: 5.0 159*d5c09012SAndroid Build Coastguard Worker 160*d5c09012SAndroid Build Coastguard Workerauthentication: 161*d5c09012SAndroid Build Coastguard Worker rules: 162*d5c09012SAndroid Build Coastguard Worker - selector: google.api.servicecontrol.v2.ServiceController.Check 163*d5c09012SAndroid Build Coastguard Worker oauth: 164*d5c09012SAndroid Build Coastguard Worker canonical_scopes: |- 165*d5c09012SAndroid Build Coastguard Worker https://www.googleapis.com/auth/cloud-platform, 166*d5c09012SAndroid Build Coastguard Worker https://www.googleapis.com/auth/servicecontrol 167*d5c09012SAndroid Build Coastguard Worker - selector: google.api.servicecontrol.v2.ServiceController.Report 168*d5c09012SAndroid Build Coastguard Worker oauth: 169*d5c09012SAndroid Build Coastguard Worker canonical_scopes: |- 170*d5c09012SAndroid Build Coastguard Worker https://www.googleapis.com/auth/cloud-platform, 171*d5c09012SAndroid Build Coastguard Worker https://www.googleapis.com/auth/servicecontrol 172