This comprehensive guide provides the steps and credentials needed to integrate your Google Cloud Platform (GCP) account with Fluid Attacks' cloud security posture management (CSPM) module.

Manual configuration from GCP console

Firstly, you need to get these two credentials for the GCP integration:

• GCP Project ID: The alphanumeric ID of your GCP environment
• GCP service account private key: The alphanumeric session key for a service account

Find the GCP Project ID

Follow these steps to obtain the Project ID for your Google Cloud Platform (GCP) account:

1. Log in to your Google Cloud account using the Google Cloud Console at console.cloud.google.com.

2. Choose the GCP project you want to integrate from the project dropdown menu at the top. The Project ID is associated with a specific project, so make sure you access the right project.
   

3. Locate the Project ID in any of these two places:

   • Dashboard: The Project ID is typically displayed on the Google Cloud Console dashboard, under the project name.

   
   

   • Project selection menu: Click on the project name at the top of the Google Cloud Console to open the project selection modal, where the Project ID is displayed.

   
   

Create a GCP service account private key

These are the steps to create a private key for a Google Cloud service account with the role of Security Reviewer:

1. Log in to your Google Cloud account using the Google Cloud Console.

2. Ensure you are working within the Google Cloud project where you want to create the service account.

3. Navigate to the IAM & Admin dashboard.

4. To create a new service account, access the Service Accounts section from the left-side menu and then click on Create service account.

   

5. Name your service account (e.g., "SecurityReviewerServiceAccount") and, optionally, provide a description that helps you identify its purpose. When you are done, click on Create and continue.

   

6. In the Role menu, search for and select the Security Reviewer role then click on Continue. This role has permissions to list all resources and allow policies on them.

   

7. Click on Done to create the service account with the specified role.

   

8. After creating the service account, locate it in the Service Accounts table, click on the corresponding Actions icon and then select the Manage keys option.

   

9. In Keys, click on the Add key dropdown and select Create new key. With this option, you create a key pair (private key) for the service account

   

10. Select JSON as the Key type and click on Create. This generates and downloads a JSON key file containing the private key.
    




Keep the JSON key file secure, as it provides access to your service account. Do not expose it publicly or commit it to version control repositories.

GCP setup on Fluid Attacks' platform

Once you have your GCP Project ID and private key, you can integrate your GCP account with the Fluid Attacks platform. Navigate to your group's Scope section on Fluid Attacks' platform to add a CSPM environment. (If you need a refresher on how to reach this point, refer to Find the option for cloud integrations.)