Set up a GCP integration | Fluid Attacks Help

Set up a GCP integration

Here you can find all the information required by a customer to enroll an GCP cloud account to start using the CSPM DAST module.

You will need two credentials to use the GCP CSPM DAST module.

Manual configuration from GCP console

We'll outline the general steps to create a private key for a Google Cloud service account with the role of Security Reviewer:

Find the GCP Project ID

To obtain the Project ID for a Google Cloud Platform (GCP) account, you can follow these steps:

  1. Google Cloud Console Login: Log in to your Google Cloud account using the Google Cloud Console at

  2. Select a Project: If you are working within a specific project, select that project from the dropdown menu at the top of the Google Cloud Console. The Project ID is associated with a specific project, so make sure you are working within the correct project context.

  3. View the Project ID: Once you have selected the correct project (or if you are already in the correct project), you can find the Project ID in a few different places:

    • Dashboard: The Project ID is typically displayed on the Google Cloud Console dashboard, under the project name.

      GCP Project ID Dashboard

    • Project Settings Page: You can also find the Project ID by clicking on the project name at the top of the Google Cloud Console to open the project selection modal. The Project ID will be displayed there.

      GCP Project ID Selection modal

Create a GCP service account private key

We'll outline the general steps to create a private key for a Google Cloud service account with the role of Security Reviewer:

  1. Access the Google Cloud Console: Log in to your Google Cloud account using the Google Cloud Console.

  2. Select Your Project: Ensure you are working within the correct Google Cloud project where you want to create the service account.

  3. Navigate to the IAM & Admin Dashboard: In the Google Cloud Console, navigate to the "IAM & Admin" dashboard.

  4. Create a Service Account: To create a new service account, click on the "Service accounts" tab within the IAM & Admin dashboard and then click the "Create Service Account" button.

    GCP create service account

  5. Provide a Name and Description: Give your service account a name and optional description that helps you identify its purpose, such as "SecurityReviewerServiceAccount" the click on create and continue

    GCP naming service account

  6. Assign the Role of Security Reviewer: In the "Select a role" section, search for and select the "Security Reviewer" role then click continue This role should have permissions to list all resources and allow policies on them.

    GCP naming select role

  7. Create the Service Account: Click the "Done" button to proceed with creating the service account.

    GCP service account creation done

  8. Create a Key Pair (Private Key): After creating the service account, you'll get a new security account in the table, click the "Action" button and then click the "Manage Keys" option

    GCP service account actions button

    Now in the Manage Keys dashboard click on the ADD KEY button and select Create new key.

    GCP add new key

    You'll be prompted to create a key pair (private key) for it. Choose the key type, for this case JSON, and click "Create." This will generate and download a JSON key file containing the private key. The content on this file will be the private key to run Fluid Attacks' tool.

    GCP create json key

  9. Store the Key Securely: Keep the JSON key file secure, as it provides access to your service account. Do not expose it publicly or commit it to version control repositories.

GCP setup on Fluid Attacks' platform

If you selected the option to add Google Cloud Platform (GCP) secrets, you must fill in the following fields: GCP project ID and GCP_PRIVATE_KEY. To obtain these values you can check the section GCP Enrollment.

GCP option

  • GCP project ID: The ID that represents that GCP environment; note that it is composed of alphanumeric fields.
  • GCP_PRIVATE_KEY: Represents the session key for a service account comprising alphanumeric characters.
Free trial message
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.