Google Cloud Platform virtualization environments

The Citrix Virtual Apps and Desktops service supports the ability to manually power cycle Citrix Virtual Apps and Desktops VMs on the Google Cloud Platform (GCP). With this feature, you can:

  • Import manually created GCP Windows Server VMs into a Citrix Virtual Apps and Desktops machine catalog.
  • Remove manually created GCP Windows Server VMs from a Citrix Virtual Apps and Desktops catalog.
  • Leverage all of the existing Citrix Virtual Apps and Desktops power management capabilities to power manage GCP Windows Server VMs, for example, setting a restart schedule.

This functionality does not require changes to an existing Citrix Virtual Apps and Desktops provisioning workflow, or the removal of any existing feature.

You can only manage previously created persistent VMs on the Google Cloud Platform. Citrix recommends that you manually provision VMs before creating a connection in Studio.


  • Citrix Cloud account. The feature described in this article is only available in Citrix Cloud.
  • Citrix Virtual Apps and Desktops service subscription. For details, see Get started.
  • A GCP project. The project stores all compute resources associated with the machine catalog; it can be an existing project or a new one.
  • GCP service account. This account authenticates to Google Cloud to enable access to the project. See Configure the Google Cloud account.
  • Two APIs enabled in your Google Cloud Project. For details, see Enable Google Cloud APIs.

After completing the requirements, you can create a connection to GCP and then create a catalog containing GCP VMs.

Configure the Google Cloud service account

A Google account enables you to create and manage resources inside GCP projects. A Google Cloud service account is required to enable the power management functionality described in this article.

Tip: The Google Cloud account authenticates against Citrix Cloud using a private key generated by Google Cloud. Each account (personal or service) contains various roles defining the management of the project. The functionality described in this article requires the Cloud Resource Manager Browser role and the following Compute permissions:

  • compute.instances.get
  • compute.instances.list
  • compute.instances.reset
  • compute.instances.start
  • compute.instances.stop
  • compute.regions.list
  • compute.zoneOperations.get
  • compute.zoneOperations.list
  • compute.zones.list

These permissions are granted by creating a custom role. For convenience, the Compute Instance Admin (v1) role may be used in lieu of the custom role, but it does provide more access than is strictly required.

For details, see the page containing information about GCP roles.

When creating a Service Account there is an option to create a private key for the account. Use this private key when creating a connection in Studio. Access to the private key comes in the form of a credentials file that you will download when creating it. When creating a credentials file, ensure that the key file type is set to JSON, the file type expected by Studio.

Tip: Create new service keys using the service account page on the GCP console. Citrix recommends rotating keys on a regular basis for security. New keys are provided to the Citrix Virtual Apps and Desktops application by editing an existing GCP connection.

Enable Google Cloud APIs

To use the Google Cloud functionality with Citrix Studio, you must enable two APIs in your Google Cloud project:

  • Computer Engine API
  • Cloud Resource Manager API

From the Google Cloud Platform main screen:

  1. In the upper left menu, select APIs and Services > Dashboard.

    APIs and Services Dashboard select image

  2. In the Dashboard screen, ensure that the state of the Compute Engine API is enabled.
  3. In the left pane, select APIs and Services > Library

    APIs and Services Library image

  4. In the search field, type Cloud Resource Manager.
  5. From the search results, click Cloud Resource Manager API.

    Google Cloud Resource Manager

In the Cloud Resource Manager API screen, click Enable. The API’s status is displayed.

Create a connection

In Studio, follow the guidance in Create a connection and resources. The following information is unique to Google Cloud Platform connections.

Create a Studio connection

  1. On the Connection page:

    • Select Create a new Connection.
    • Select Google Cloud Platform as the Connection type.
    • Click Import key to load the Google credential file. This file contains credentials for the applied service account. The service account ID field automatically populates with information from the imported key.
    • Enter a name for the connection and then click Next.
  2. Confirm the information on the Summary page and then click Finish.

    Studio lists the connection you created.

    Manage Services

Create a machine catalog

In Citrix Studio, follow the guidance in Create machine catalogs. The following information is unique to Google Cloud Platform catalogs.

  1. On the Operating System page, select Server OS.
  2. On the Machine Management page, select both of the following radio buttons:

    • Machines that are power managed …
    • Another service or technology.

    Create Machine Catalog

  3. On the Virtual Machines page, select Add VMs. Navigate to the Google Cloud region that contains the machines. Select the machines, and then click OK.

    Select VMs

  4. Provide the existing Active Directory computer accounts for the selected machines, and then click OK.

    Associate VMs with AD accounts

  5. On the Summary page, confirm the information you provided, specify a name for the connection, and then click Finish.

Troubleshoot the connection

After completing the connection creation wizard, if the connection status is “Unavailable”, the Google Cloud Platform elements may not exist on the Citrix Cloud Connector:

  • Verify that your Cloud Connectors are running.
  • Verify that your Cloud Connectors have been updated to the latest release.
  • If the Cloud Connectors are not responding to Citrix Cloud, ensure that the Active Directory domain controller server is running.