This document describes how to create Google Cloud Platform (GCP) credentials.
Google Cloud Platform (GCP) is a suite of cloud computing services that runs on the same infrastructure that Google uses internally. Alongside a set of management tools, it provides infrastructure as a service, platform as a service, and serverless computing environments.
Configure a GCP Account
To navigate to this section,
- Log in to OUTSCAN.
- Go to Main Menu > Portal
- Click the Account icon in the upper right corner.
- Click Credentials.
- Click Add Credentials, and select Google Cloud Platform from the drop-down menu of account type to add a new GCP credentials.
- Add the name of your GCP account.
- Upload the access key in JSON format.
- By clicking ADD, an credentials is created.
To manage your account, refer to Scan Credentials.
Create a GCP Account and Keys - Google Cloud Console
Refer to Create and Manage service accounts, to manage IAM service accounts.
Steps to Create a Service Account
- Log in to Google Cloud Platform.
- Open the Service Accounts page.
- Click on + CREATE SERVICE ACCOUNT.
- Fill in the details and click CREATE.
Add service account permissions and roles to allow a user to manage service account.
The Service account created on GCP must have a Role set to Project Viewer without anything else.
Steps to enable GCP API
- Enter the APIs & Services Dashboard page.
- Click on + ENABLE APIS AND SERVICES on the top of the dashboard.
- Search for the required API, Compute Engine API in this example.
- Click on the API block and then enable it by clicking on the ENABLE button.
You need to enable the following GCP API in order to be able to run GCP Compliance policy such as "CIS Google Cloud Platform Foundation Benchmark".
- Compute Engine API
- Kubernetes Engine API
- Cloud Key Management Service (KMS) API
- Identity and Access Management (IAM) API
- Cloud Logging API
- Cloud Resource Manager API
- Cloud DNS API
- Cloud Functions API
- Cloud SQL Admin API
You can double check GCP enabled APIs at the bottom of the "APIs & Services" Dashboard.
Steps to Create Key
- After granting user access, click on Create Key.
Select JSON as the Key type/format and click on CREATE.
Refer to Creating and Managing Service Account Keys, for detailed information regarding how to generate Access keys. The uploaded access key is the credential used to run a GCP scan.
© 2022 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.