The following section configures the credentials to access your GCP infrastructure.
- At least one Organization and Project created in your GCP environment.
- Google Pub/Sub enabled within your Project. You can enable this from the
Pub/Sub link in the left-hand navigation in
When an action is performed on a GCP resource, GCP Cloud Logging generates log messages for these actions which are routed to the Pub/Sub using Sinks. GCP Pub/Sub is used to store log messages as a queue and Cloud Discovery & Visibility acts as a subscriber to pull messages from Pub/Sub for visibility jobs.
- GCP service accounts keys downloaded in JSON format to access your GCP infrastructure. This can be retrieved from the Service Accounts page in GCP.
Under GCP Service Account, upload your GCP service account keys JSON file by dragging and dropping the file to Discovery & Visibility GCP, or by clicking the icon. Once the GCP service account keys have been successfully uploaded, Discovery & Visibility GCP validates the service account keys against GCP.