0

We've experienced an issue recently where Google Cloud billing increasing greatly due to increased access to our Places API.

It turns out that we'd not properly used Credentials to restrict usage of our API Keys, which we're tightening up now.

BUT we're using about 50 API keys (one for each website that needs one), and it was far from easy to identify which API key was experiencing the recurring spikes in activity.

Yes, in the 'Metrics' section (https://console.cloud.google.com/google/maps-apis/metrics) we can filter by 'Credentials', but that's a cumbersome trial-and-error process to isolate the one(s) that are being hit the most.

It's possible I'm not looking in the right place or making the correct selections, but I would really like to see a text report/table showing an activity report (i.e. 'hits') per API key or Credential.

This would drastically speed up my ability to isolate the API keys with the spikes, and make adjustments to credentials/permission accordingly.

Does such a report exist, or should I be posting this somewhere as a feature request?

Thanks!

Ross

Ross Gerring
  • 39
  • 3
  • As you said, you can filter by credentials (**and** group by credential). Is that not enough? I can see which key generates the most traffic... And if that's not what you are looking for, then you might want to open a [feature request](https://issuetracker.google.com/issues?q=status:open%20componentid:187225&s=created_time:desc) explaining exactly what you are after. – MrUpsidown Jul 13 '23 at 09:32
  • Yes, I'd like a report of hits per API key, not just per API (e.g. Places API). Even better would be a report that shows the source (IP or website or hostname) of where those hits are coming from so that we can see which are legitimate, and which are not. But my understanding from Google is that such information is considered "personally identifiable" and will NOT be made available to us. This is irritating because of course IP/hostname/website info is standard data that is logged by, say, Apache, to track website access. Not sure why the same info can't be made available for API hits. – Ross Gerring Jul 14 '23 at 10:12
  • From the metrics page > show filters > grouped by : credential - does that not work for you? – MrUpsidown Jul 14 '23 at 11:17
  • Thanks @MrUpsidown - that does help a bit, better than what I was doing before. It would still be optimal to be able to drill down to the source of the ones that are erroring to see if they're legitimate or not, but it's pretty clear that Google aren't going to make this info accessible. – Ross Gerring Jul 17 '23 at 10:44

0 Answers0