Skip to main content

Connect Google Cloud (GCP) Project Manually

Overview

This documentation article provides a step-by-step guide to establish a connection between your Google Cloud (GCP) project and the Upwind platform.

By establishing this connection, you enable Upwind to detect Kubernetes clusters and cloud resources within your project, integrate it with the Upwind platform, and gain access to Google Cloud APIs. This access enables the collection of contextual information, which enriches Detections and Findings of security threats in your environment.

To facilitate this process, we will utilize Google Cloud Console. Through the console, we will create the resources and configurations necessary for establishing the connection between Google Cloud (GCP) and the Upwind platform.

Prerequisites

Before proceeding, ensure that you have the following prerequisites in place:

  1. Google Cloud Project: You should have a Google Cloud project name with administrative privileges to create and manage resources, such as service accounts and IAM role bindings.

  2. APIs & Services: Verify the following APIs are enabled. For more information on how to do this, refer to the guide Enable and Disable APIs.

    TitleName
    Cloud Asset APIcloudasset.googleapis.com
    Cloud Resource Manager APIcloudresourcemanager.googleapis.com
    Compute Engine APIcompute.googleapis.com
    Identity and Access Management APIiam.googleapis.com
    Kubernetes Engine APIcontainer.googleapis.com

Setup

  1. Login to your desired Google Cloud (GCP) Account
  2. Create a Service Account:
    1. Navigate to Service account in Google Cloud (GCP) under the IAM service and create a new service account.
    2. Name your service account
    3. For the newly created Service Account select the role of viewer to be assigned.
  3. Service account key:
    1. Create and download a new service account key.
    2. Upload the service account key to the Upwind Console.

Next Steps

After establishing a connection to your Google Cloud (GCP) Project(s), Upwind will populate an inventory of all compute resources and show which resources are Unprotected.

To connect a Kubernetes cluster with Upwind, follow the instructions provided in the console: Connect a Kubernetes cluster

To connect a Linux host with Upwind, follow the instructions provided in the console: Connect a host.