Skip to main content

Google Cloud

Maarten Decat
Updated

The Google Cloud connector for Elimity Insights fetches user accounts, service accounts, roles, permissions and buckets from Google Cloud so you can keep in control of your environment. 

Follow the instructions below to set up the connector for your environment.

How it works

  • Elimity Insights periodically fetches user accounts, service accounts, roles, permissions and buckets from Google Cloud.
  • Write Elimity Insights queries to review and monitor updates to the data, or leverage existing queries.
  • Configure these stored queries to take action when the Elimity Insights data changes.

Integration requirements

Setting up a Google Cloud source in Elimity Insights requires:

  • a user in Google Cloud to set up a service account,
  • a user in Elimity Insights with the role Connector Admin or higher.

Integration instructions

Follow the following steps to set up a Google Cloud source in Elimity Insights:

  1. Log in to the Google Cloud Console and select the project you want to sync from the drop-down in the top-left corner. Copy the value of the ‘ID’ column for the chosen row in the table of projects to the ‘Project ID’ field in Elimity Insights.

  2. Open the navigation menu from the top-left corner, and click on the ‘IAM & Admin > Service accounts’ item. Create a new service account by pressing the ‘CREATE SERVICE ACCOUNT’ button at the top of the page. Provide a descriptive name (e.g. ‘Elimity Insights’) and generate or choose a unique identifier for the service account. Press ‘CREATE AND CONTINUE’.

  3. Grant the service account read rights to all information in the project by granting it the role ‘Security Reviewer’. Press ‘CONTINUE’ and skip the last optional step by pressing ‘DONE’.

  4. Open the menu in the ‘Actions’ column for the newly created service account, and click on the ‘Manage keys’ item. Click the ‘ADD KEY’ button and select ‘Create new key’. Ensure the key type is ‘JSON’ and press the ‘CREATE’ button. Choose the downloaded file as value for the ‘Credentials JSON’ field in Elimity Insights. Delete the file from your computer, you will no longer need it.

Troubleshooting

Failed creating IAM client: invalid character ‘x’ looking for beginning of value.

The provided credentials are not formatted correctly. Ensure the file has a ‘.json’ extension.

The caller does not have permission, forbidden.

The provided credentials do not provide access to the configured project. Make sure both the ‘Credentials JSON’ and ‘Project ID’ fields are set correctly.

Changelog

v3.18.0

  • Added descriptions for all out-of-the-box controls.

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk