You can configure Billing on Google Cloud Platform (GCP) in a variety of ways to meet different needs. This section introduces the core concepts for billing and discusses how to use them effectively.
GCP resources are the fundamental components that make up all GCP services, such as Google Compute Engine virtual machines (VMs), Google Cloud Pub/Sub topics, Google Cloud Storage buckets, and so on. For billing and access control purposes, resources exist at the lowest level of a hierarchy that also includes projects and an organization.
All lower level resources are parented by projects, which are the middle layer in the hierarchy of resources. You can use projects to represent logical projects, teams, environments, or other collections that map to a business function or structure. Any given resource can only exist in one project.
An organization is the top of the hierarchy of resources. All resources that belong to an organization are grouped under the organization node, to provide insight into and access control over every resource in the organization.
For more information on projects and organizations, see the Cloud Resource Manager documentation.
A billing account is used to define who pays for a given set of resources. A billing account includes a payment instrument, to which costs are charged, and access control that is established by Cloud Platform Identity and Access Management (IAM) roles.
A billing account can be linked to one or more projects. Project usage is charged to the linked billing account. Projects that are not linked to a billing account cannot use GCP services that aren't free.
There are two types of billing account:
- Payment instrument is a credit or debit card or ACH direct debit.
- Costs are charged automatically.
- You can sign up for self-serve accounts online.
- Payment instrument can be check or wire transfer.
- Invoices are sent by mail or electronically.
- You must be eligible for invoiced billing. Learn more about invoiced billing eligibility.
Costs are charged to a billing account automatically in one of two ways:
- Monthly billing: Costs are charged on a regular monthly cycle.
- Threshold billing: Costs are charged when your account has accrued a specific amount.
Invoiced billing accounts are always billed monthly. Self-serve billing accounts can use monthly or threshold billing. Learn more about threshold billing.
A billing account includes a set of contacts, defined on the Google Payments profile connected to the account, for people who can receive billing information specific to the payment instrument on file (for example, when a credit card needs to be updated). You can manage those contacts through the Google Cloud Platform Console or the Payments console.
Billing subaccounts allow you to group charges from projects together on a separate section of your invoice. A billing subaccount is a billing account with a billing linkage to a reseller's master billing account on which the charges appear. The master billing account must be on invoice billing.
A subaccount behaves like a billing account in most ways - it can have projects linked to it, billing exports can be configured on it, and it can have IAM roles defined on it. Any charges made to projects linked to the subaccount are grouped and subtotalled on the invoice, and the effect on resource management is that access control policy can be entirely segregated on the subaccount to allow for customer separation and management.
Subaccounts are typically used to represent resellers' customers for chargeback purposes.
The Cloud Billing API provides the ability to create and manage subaccounts via the API so you can connect to your existing systems and provision new customers or chargeback groups programmatically.