Google Cloud Platform CSPM ConfigurationUpdated Sep 27, 2023
Configure Google Cloud Platform (GCP) to enable Arctic Wolf® Cloud Security Posture Management (CSPM).
- An active Managed Risk subscription
Sign in to the Google Cloud Console with administrator credentials.
From the main menu, click IAM & admin > Service accounts.
Click CREATE SERVICE ACCOUNT.
In the Service account details section:
Service account name — Enter a short, descriptive name, such as
Service account ID — (Optional) Enter a unique ID for the service account, such as
Tip: A unique value is automatically generated when you specify a service account name.
Service account description — (Optional) Enter a description for the service account, such as
Used for Arctic Wolf monitoring.
In the Service account permissions section:
- In the Select a role list, click Project > Viewer.
- Click CONTINUE.
On the Grant users access to the service account page, click DONE.
Find the service account that you created for the Arctic Wolf monitoring service.
Complete these steps:
- Expand the Actions menu for the service account, and click Manage keys.
- Select ADD KEY > Create new key.
- In the dialog box, click JSON for the key type.
- Click CREATE. The JSON file containing the service account credentials automatically downloads to your computer.
Record the name and filepath of the JSON download for later.
If you have not already done so, sign in to the Google Cloud Console with administrator credentials.
In the navigation bar, click the Google APIs log to open the APIs & Services page.
In the search bar, enter
APIs & Servicesand then select that page from the results.
Enable each of these APIs in your project:
- Cloud DNS
- Stackdriver Monitoring
- Cloud Logging
- Compute Engine
- Cloud Key Management
- Cloud SQL Admin
- Kubernetes Engine
- Service Management
- Service Networking
To enable each API:
- In the API search box, enter the name of the API.
- Select the individual API entry in the search result.
- Click ENABLE to enable this API in the project.
Sign in to the Arctic Wolf Unified Portal.
In the menu bar, click Telemetry Management > Connected Accounts.
Click Add Account +.
On the Add Account page, from the Account Type list, select Cloud Security Posture Management.
From the list of cloud services, select GCP CSPM.
On the Add Account page, complete these steps:
- Account Name — Enter a unique and descriptive name for the account.
- Open the JSON file that you downloaded as part of Create a service account.
- From the JSON file, copy the
project_idvalue, and paste it into the Project ID field.
- Upload the JSON file.
- Credential Expiry — (Optional) Enter the expiration date if the credentials have an expiry date.
Click Test and Submit Credentials.
After your Concierge Security® Team (CST) adds this account to your scan configuration, the connected account changes to Healthy.