Integrating with GCP
Overview
Google Cloud Platform integration enables you to scan your GCP infrastructure for runtime misconfigurations.
Steps for integrating with GCP
To integrate Jit with Google Cloud Platform—
- Create a new service account for your Google Cloud project. For instructions, see Google Cloud documentation. Required permissions:
- Viewer
- Security Reviewer
- Stackdriver Account Viewer
- Create a JSON key for this service account. For instructions, see Google Cloud documentation.
- From the Jit platform, select Secrets in the menu bar under Settings.
- Follow the instructions in Secrets to create a secret with the following details:
- Name—
gcp-user-account - Secret— Paste the contents of your JSON key file into this text box.
- Name—
- Select Integrations.
- Locate the GCP tile and select integrate-as-code. You are taken to the
jit-integration.ymlfile. Add the information below to this file. If the option to integrate as-code is not available, you may need to manually addjit-integration.ymlto the repo containing Jit's configuration files.
gcp:
<integration_id>:
type: gcp_account
name: "<your account name>"
auth:
api_token: "${{ jit_secrets.gcp-user-account }}"
project_id: <your GCP project id>
| Key | Value/description |
|---|---|
| gcp: | Integration type. Key must be gcp:. The GCP integration is nested in this mapping. |
| <integration_id>: | This key is the name you choose for your GCP integration. |
| type: | Enter gcp_account as shown in the example. |
| name: | Enter your GCP account name as shown in the example. |
| api_token: | Enter exactly as shown in the example. |
| project_id: | Enter your GCP project ID as shown in the example. |
Updated 15 days ago