Google Cloud Platform (GCP)
  • 1 minute to read
  • Print
  • Share
  • Dark
    Light

Google Cloud Platform (GCP)

  • Print
  • Share
  • Dark
    Light

Google Cloud Platform (GCP) is a suite of cloud computing services. Alongside a set of management tools, it provides a series of modular cloud services including computing, data storage, data analytics and machine learning.

The GCP adapter connection only requires a JSON-document containing service-account credentials to GCP, which can be created in the Google Cloud Console.

To connect Axonius to Google Cloud Platform you need to:

  1. Enable Cloud APIs
  2. Create a service account & Grant permissions to the service account

1. Enable Cloud APIs

To enable the Cloud APIs, do as follows:

  1. Go to the Google Cloud Console and select the project that you want Axonius to connect to.
    Then, go to APIs & Services -> Dashboard.
    image.png

  2. Axonius requires the following APIs: 'Compute Engine API' and the 'Cloud Resource Manager API'. Verify that both are enabled.

For example, in the screenshot below you can see that since the 'Cloud Resource Manager API' does not appear in the list, it is not enabled. and needs to be enabled.
image.png

To enable an API, click 'Enable APIs and Services' at the top of the screen.

  1. Search for the API you want to enable and click It. For example: 'Cloud Resource Manager API'
    image.png

  2. Click Enable.
    image.png

2. Create a Service account

To create a service acccount,

  1. Go to the Google Cloud Console and select the project that you want Axonius to connect to.
    Then, go to "IAM & admin" -> "Service accounts".
    image.png

  2. Click "Create Service Account" and fill in the details
    image.png

  3. In the next tab, select the "Compute Viewer", "Kubernetes Engine Viewer", and "Viewer" roles to grant read-only access to Axonius.

  4. Next, click "Create Key" and create a "JSON" type key:
    image.png

  5. Your JSON key will be downloaded. Finish creating the user and go back to the service accounts screen. Copy the email address of the new service account.

  6. In the top part of the screen, select the organization resource, and go to "IAM & Admin - IAM". Click "Add" and add the new service account using the email from step (5). Add the "Compute Viewer" and "Kubernetes Engine Viewer" roles and click 'Save'.
    image.png

  7. Use the downloaded json file to connect the Google Cloud Platform adapter.

Was this article helpful?