loader image
GCP Setup

Prerequisites #

Roles #

Before you set up your GCP Cloud Account on Cloudnosys, please ensure that your GCP IAM user has at least the following 3 roles assigned to it:

  • Editor
  • Security Admin
  • Service Account Admin

These will be needed to create the required service account.

Google Cloud APIs #

Enable the following Google Cloud APIs:

  • Cloud Asset API
  • Cloud Storage API
  • Cloud Functions API
  • Compute Engine API
  • Cloud SQL Admin API
  • Cloud Resource Manager API
  • Cloud Storage for Firebase API

Name Your GCP Service Account #

  1. Navigate to the Cloud Accounts list page from the Setup module.

  2. Click on the Add Account button.

  3. Select GCP as your Cloud Account Provider.

  4. Give a name to your Cloud Account. Choose a name that will make it easily differentiable if you add more Azure accounts with Cloudnosys.

  5. Click on the Next button to go to the next step.

Retreive & Enter Credentials #

  1. Next, you have to enter your GCP Service Account credentials which you can get from the GCP Console.

  2. You will also find the steps to get these credentials from your GCP console on the same page.

    The same steps are detailed below in this section with screenshots.

Create a Service Account #

  1. Navigate to the Service Accounts page from the Sidebar Menu.

  2. Click on the “Create Service Account” button.

  3. Type a suitable Service Account Name. The service account ID will automatically be generated from the name.

  4. Click on the “Create and Continue” button.

  5. Click on the “Select a Role” dropdown.

  6. From the “Basic” category, choose the role “Viewer”.

  7. Click on the “Add Another Role” button.

  8. In the dropdown’s search & filter bar, search for the “Security Reviewer” role & select it.

  9. Click on the “Continue” button.

  10. We can skip this part. Just click on the “Done” button.

  11. You will be taken to the Service Accounts page. There you can search for the service account you just created and confirm that it was created successfully.

Create Key #

  1. Click on the Service Account you just created.

  2. Go to the Keys tab.

  3. Click on the “Add Key” dropdown.

  4. Click on the “Create new key” option.

  5. Ensure that the JSON option is selected. Click on the “Create” button and then wait.

  6. Once the key gets created, a JSON file containing it will get downloaded to your device.

Paste Credentials #

  1. Copy all the contents of the JSON file.

  2. Go back to the tab where you have the Cloudnosys platform open.

  3. Paste the contents into the empty Service Account field.

  4. Scroll down & click on the “Test Connection & Add Cloud Account” button.

Testing & Scanning #

Once you are on the Testing step, Cloudnosys will run a few tests to ensure that the Cloud Account got integrated properly with the intended settings.

As soon as the connection gets established successfully, the scan will begin running instantly.

Was this page helpful?