Integrating with Google Cloud enables comprehensive visibility and control over all assets within your Google Cloud environment. By automatically discovering and cataloging cloud-hosted resources, this integration provides real-time insights into your infrastructure, helping to identify potential vulnerabilities and ensure robust security measures are in place.
Setting up the integration with Google Cloud is a straightforward process--were generating a credential within GCP, and giving that credentials permissions--this document will guide you through the integration process.
First, ensure that the following GCP APIs are enabled in your project/organization:
Next, navigate to Service Accounts in your GCP console and create a Service Account.
Specify a name, ID, and description for the service account. Chariot has no guidelines or restrictions for what goes in these fields.
If you wish Chariot to scan all projects in your organization, skip this next step -- we will add the appropriate access later.
Grant the Viewer
role to the Service Account to provide the account access to your GCP project.
For the next step, you do not need to grant any users access to the service account. Create the service account. Once the Service Account is created, still within your GCP console, you can create a new key for the Service Account and download it in a JSON file.
Next, you will need to grant access to the entire organization for the Service Account. If you only want to scan the single GCP project in which you created the Service Account , you may skip these steps.
On the Manage Resources page, your organization will have an info panel that allows you to add a principal with permissions.
Paste in the service account's email address and select the Viewer
role and save.
Switch back to Chariot and navigate to the GCP integration section. Paste in your project/organization ID and the service account JSON keyfile:
Click Add to complete the integration. Chariot will now regularly ingest assets from your GCP environment for risk detection.
We hope this document was helpful! If you find a topic that you would like discussed in detail, or need further assistance, please let us know at support@praetorian.com!