Integrating with GCP
Overview
Google Cloud Platform integration enables you to scan your GCP infrastructure for runtime misconfigurations.
Steps for integrating with GCP
To integrate Jit with Google Cloud Platform:
- Create a new service account for your Google Cloud project. For instructions, see Google Cloud documentation. Required permissions:
  - Viewer
  - Security Reviewer
  - Stackdriver Account Viewer
- Create a JSON key for this service account. For instructions, see Google Cloud documentation.
- From the Jit platform, select Secrets in the menu bar under Settings.
- Follow the instructions in Secrets to create a secret with the following details:
  - Name: gcp-user-account
  - Secret: Paste the contents of your JSON key file into this text box.
- Select Integrations.
- Locate the GCP tile and select integrate-as-code. You are taken to the jit-integration.yml file. Add the information below to this file. If the option to integrate as-code is not available, you may need to manually add jit-integration.yml to the repo containing Jit's configuration files.
```yaml
gcp:
  <integration_id>:
    type: gcp_account
    name: "<your account name>"
    auth:
      api_token: "${{ jit_secrets.gcp-user-account }}"
    project_id: <your GCP project id>
```
Key | Value/description |
---|---|
gcp: | Integration type. The key must be gcp: and the GCP integration is nested in this mapping. |
<integration_id>: | This key is the name you choose for your GCP integration. |
type: | Enter gcp_account as shown in the example. |
name: | Enter your GCP account name as shown in the example. |
api_token: | Enter exactly as shown in the example. |
project_id: | Enter your GCP project ID as shown in the example. |
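
A pre-flight check for the steps above, as an added example that is not part of Jit's documentation or tooling: it validates the JSON key before it is pasted into the gcp-user-account secret and compares the service account's project-level roles with the three required ones, flagging any extra grants. The role IDs are the Google Cloud identifiers for the roles named above; the sample key, e-mail address and IAM policy are constructed, and the policy is assumed to be the JSON printed by `gcloud projects get-iam-policy <project> --format=json`.

```python
import json

# Google Cloud role IDs for the roles listed above: Viewer, Security Reviewer,
# Stackdriver Account Viewer.
REQUIRED_ROLES = {"roles/viewer", "roles/iam.securityReviewer",
                  "roles/stackdriver.accounts.viewer"}
KEY_FIELDS = ("type", "project_id", "private_key_id", "private_key", "client_email")

def check_key(key_json: str, expected_project: str) -> list:
    """Return the problems found in a service-account JSON key ([] means OK)."""
    try:
        key = json.loads(key_json)
    except json.JSONDecodeError as exc:
        return [f"key is not valid JSON: {exc.msg}"]
    if not isinstance(key, dict):
        return ["key is not a JSON object"]
    problems = [f"missing field: {f}" for f in KEY_FIELDS if not key.get(f)]
    if key.get("type") != "service_account":
        problems.append("type is not service_account")
    if key.get("project_id") not in (None, "", expected_project):
        problems.append("key is for a different project than project_id")
    return problems

def check_roles(policy: dict, client_email: str) -> dict:
    """Compare the account's project-level roles with the required set."""
    member = f"serviceAccount:{client_email}"
    granted = {b["role"] for b in policy.get("bindings", [])
               if member in b.get("members", [])}
    return {"missing": sorted(REQUIRED_ROLES - granted),
            "extra": sorted(granted - REQUIRED_ROLES)}

# Constructed sample data (assumptions, not real credentials or a real project).
SA = "jit-scanner@example-project.iam.gserviceaccount.com"
SAMPLE_KEY = json.dumps({
    "type": "service_account", "project_id": "example-project",
    "private_key_id": "constructed-key-id",
    "private_key": "<constructed placeholder, not a real key>",
    "client_email": SA})
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/viewer", "members": [f"serviceAccount:{SA}"]},
    {"role": "roles/iam.securityReviewer", "members": [f"serviceAccount:{SA}"]},
    {"role": "roles/editor", "members": [f"serviceAccount:{SA}", "user:dev@example.com"]},
]}

if __name__ == "__main__":
    print("key problems:", check_key(SAMPLE_KEY, "example-project"))
    print("role check:", check_roles(SAMPLE_POLICY, SA))
```

An empty "missing" list and an empty "extra" list mean the account holds exactly the read-only roles the integration asks for.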