Understanding how to manage and control costs is an important consideration for a team working together using a shared funding source. Read on for two ways to share funding resources and how to choose - depending on your collaboration needs.
For information on Best Practices for sharing data resources, see this article
To learn about sharing GCP Billing accounts (if colleagues need to be able to create their own Terra Billing projects, or look at detailed cost breakdown and reports), see this article
Overview: How costs are calculated in Terra
The costs of working in Terra are GCP fees that are passed along to users without any markup via a Terra billing project. GCP costs are based on how much storage, egress and compute is done in the project workspace (bottom level). Workspace costs are covered via the workspace billing project (middle level), funded by a GCP Billing Account (top level).
Consider the case of several collaborators under the same funding source umbrella. The funding will be associated with a GCP Billing Account (top level above). Collaborators can access the shared funds at any level of the billing hierarchy, depending on how they will be working together (in their own workspaces? In a shared workspace?). For a detailed description of the structure of costs and permissions in Terra, see this article.
Below are two options for managing shared team costs, depending on how colleagues will be working together.
Working in shared team workspaces (PIs have most control)
Workspace owners (i.e. lab PIs) can share a workspace with an individual or a managed group. When you share, you control what your collaborator can do in the workspace. Note that workspace owners are able to change collaborator roles at any time.
Setting up a shared team workspace
- Create the workspace
- Make the team a managed group (Go to "Profile" -> "Groups" in the main navigation)
- Open the "Share workspace" form by selecting "Share" after clicking the three vertical dots
- Add the group to collaborators (start typing in the group name in the "User email" field)
Note that you need to select "enter" or "return"!
- Select the group's permissions
- Don't forget to save!
|Note that everyone in the group shares the same workspace permissions.
To assign more granular permissions, add individual collaborators one at a time.
Controlling spending in a shared workspace
You control what collaborators can do by assigning workspace roles/permissions when you share a workspace. Workspace permissions give you the most control over spend, as you can change or remove an individual or group's permission at any time, and it takes effect immediately.
Operations that have a cost
- Move, copy and store data
- Run an interactive analysis (Jupyter notebook)
- Run a workflow (note that this will generate data that will be stored by default in the workspace bucket)
|Note that it is not possible to get cost breakdowns by user for different users working in the same workspace|
How to add/remove individuals from a shared workspace
If adding someone, you need to hit "enter" (or "return") after entering their User email. Don't forget to save after changing!
How to add/remove a user from a workspace shared with a Group
1. Go into ""Your Name" -> "Groups" from the main navigation menu
2. Edit the person's role in the group (you must have the right permissions, of course!)
Working in separate workspaces with team Billing projects
Owners and administrators of the GCP Billing account can create a team billing project or separate billing projects (for different collaborators or projects). One advantage of this is it is easy to monitor and cut off spend by Billing project.
Access to a Billing project allows a collaborator to create their own workspaces. The workspace creator is the "owner" by default, and will be able to store and analyze data in any workspaces they create.
Being on team Billing project does not allow the collaborator to work in any workspaces created by others in the team - even under the shared billing project! That requires the workspace owner to grant the appropriate workspace permission to the user (option 1, above).
How to add/remove a collaborator to/from a Terra Billing project - step-by-step
Select the Billing Account, and name the project:
Once you have created a project, you can add a person to the project in Terra by going to "Billing" from the main navigation menu by clicking on the "+" icon next to "BILLING PROJECTS":
|Removing someone from a billing project does not keep them from spending money in an existing workspace that has been shared with them! It removes their ability to create new workspaces.
We repeat - Users can still run workflows and notebooks even after you remove them from the billing project, if the project still
To eliminate spend, follow the checklist below.
After removing billing project permissions, to avoid accruing additional charges, you must eliminate all possible sources of continuing costs (at the workspace and billing project level):
|If you are no longer using a shared Billing project, you can disable billing for any projects associated with workspaces the user cloned or created (to prevent additional costs accruing if you no longer want to compute in the workspace (see directions below).|
How to disable billing projects (click for step-by-step instructions)
- Make sure you are logged into Chrome as the GCP Billing Account admin or owner where you’re trying to control spending.
- Go to the Google Cloud Console at https://console.cloud.google.com/home:
- Go to Billing overview:
- Select “Account Management” from the bottom left:
- You will see all projects created under this Billing Account. Click on the three vertical dots beside the billing project you want to disable and select “Disable”:
Once you disable project billing, no one will be able to start a workflow or notebook in any workspace under this project - effective immediately.
|If you don't see the options in the screenshots, it is likely because you don't have the right permissions on the GCP Billing account. For example, if you are using STRIDES or third party resellers such as Onix, you may not be able to follow these steps unless you request admin privileges from the third-party reseller (who is the Owner).
What should I do next?
GCP costs are billed by billing project, not by user.
This means, if the workspace still has a valid billing project, any user with "can-compute" permissions will still be able to run workflows or notebooks in workspaces.
What can someone do without billing permissions?