GCP Users

At Reyki AI, security is our highest priority. We take painstaking measures to ensure that our customers’ infrastructure is never compromised by operating on the least privilege principle. At every stage of the process, we ensure that we utilize only the minimal permissions needed to operate our software.

Permissions

There are four permissions that we request from your Google Cloud account. We request that you add Reyki AI as a principal to your account with three roles. These roles will allow us to link your billing account with Reyki AI’s billing account, view your billing and compute instance usage, and manage committed use discounts (CUDs) on your behalf. The four roles are described here:

Billing account viewer: This role provides necessary access to spend information within your account so that we can analyze and recommend savings opportunities.

Project billing manager: This role allows a user to attach a project to their billing account, but does not grant any rights over resources. We use this role to manage the billing for your project without having access to your resource access.

Compute viewer: This role provides read-only access to information about your Compute Engine resources. It also allows us to retrieve metadata about your disks, images, and snapshots, but does not allow us to read the stored data.

Reyki role: This role allows us to purchase and update committed use discounts on your behalf to drive savings.

Using these four permissions, we will link your project (or folder) to our billing account and take ownership of the billing details. Additionally, Reyki AI uses these permissions to retrieve cost and usage data from your various services for our prediction engine, which then generates the historical and estimated savings that power our dashboard. These services will be periodically queried by our app to keep the dashboard up to date.

Reyki AI uses these permissions to read your cost and usage metadata. These permissions also allow Reyki AI to automatically manage purchase and sell committed usage discounts (CUDs) on your behalf to drive compute savings. Reyki does NOT collect application data; nor do we interact with your applications in any way. We operate strictly at the billing layer and through the reserved instance control panel.

Data Storage

Reyki AI retrieves and stores cost and usage metadata through the permissions granted by the Principal Roles. Specifically, we store the following:

• All spend and savings data dating back to 1 year for the dashboard

• All spend and savings data starting from the date the customer joins the Reyki organization

• Committed-use discount and resource-based committed-use discount information

• Instance metadata

All data is deleted when a customer deactivates their account in compliance with GDPR regulations.