Recommender is a service that provides recommendations and insights for using resources on Google Cloud. These recommendations and insights are per-product or per-service, and are generated based on heuristic methods, machine learning, and current resource usage.
An example of a recommendation is one generated by the VM instance rightsizing recommender. In this case, the recommender generates recommendations based on system metrics collected by Cloud Monitoring over the last eight days. If the recommender detects that a VM instance is underutilized, it recommends changing the machine size to save cost.
On an ongoing basis, Recommender analyzes current usage of your Cloud resources for available recommenders and insight types and provides recommendations and insights designed to optimize usage for performance, security, cost, or manageability.
Managing recommendations and insights in the Google Cloud console
Recommender displays these recommendations and insights in the Google Cloud console when you view and manage the related resources.
Any provided recommendations and insights are stored by Recommender, and then appear in the Google Cloud console when you view and manage the related resources. You can choose to apply or dismiss the recommendations in the Google Cloud console. If you choose to apply a recommendation, you perform the recommended change and then mark the recommendation as completed.
Managing recommendations and insights using the API
gcloud commands, and
REST and RPC APIs allow you to interactively
or programmatically list, claim, and mark recommendations as succeeded or failed.
You can also list or mark insights as accepted. These interfaces allow you to
view and manage recommendations and insights from within scripts or other
Before applying recommendations, ensure that they are reviewed by someone who can properly assess the impacts of changes.
Recommender provides information on direct impacts in areas such as cost, performance, or security. Recommendation reviewers should have a holistic understanding of your infrastructure and processes so that other business-specific impacts are considered.
Granting permissions to view and update recommendations and insights
Each recommender and insight type has specific roles and permissions to control access to its recommendations and insights. In order to enable users to review and assess these recommendations and insights, they will include some metadata about resources. Granting these permissions provides users with a partial view of the resource's metadata. This partial view of data is particularly important to consider if you are using custom roles to grant permissions.
For example, the Identity and Access Management recommender provides recommendations about permissions. Members that have the recommender.iamPolicyRecommendations.get and recommender.iamPolicyRecommendations.list permissions will also see information about your IAM policy bindings.
You can enroll in the Recommender Viewer role or Identity and Access Management Basic Roles to get access to view all recommendations available to you. Alternatively, you can reference our recommender list page to determine what permissions you need for each individual recommendation.