Skip to main content

AQUILA CSPM - GCP Integration

Authentication

To use this CSPM Google Cloud Platform (GCP) integration, you need to set up a Service Account with a Role and a Service Account Key to access data on your GCP project.

1. Service Account

First, you need to create a Service Account. A Service Account (SA) is a particular type of Google account intended to represent a non-human user who needs to access the GCP resources.

The AQUILA Agent uses the SA to access data on Google Cloud Platform using the Google APIs.

2. Required IAM Service Account Roles:

For CSPM-GCP Integration

  • Browser: This role grants read access to the project hierarchy.

  • Cloud Asset Viewer: Can view asset metadata across GCP services.

Click here --> GCP - How to Add a Role

3. Enable API Services

  • Cloud Asset API: Provides metadata inventory and history of GCP resources and IAM policies for security analysis, audit, and compliance.

Click here --> GCP - How to enable Cloud Asset API

4. Service Account Key  

Next, with the Service Account (SA) with access to Google Cloud Platform (GCP) resources setup, you need some credentials to associate with it: a Service Account Key.  

From the list of SA (Service Accounts):  

  1. Go to IAM & Admin > Service Accounts in the GCP Console.
  2. Click the service account you created.
  3. Under the "Keys" section, click "Add Key" > "Create new key".
  4. Choose JSON as the key type.
  5. Download and securely store the generated private key (it cannot be retrieved again from GCP if lost).

Please provide the following information to CyTech Support: 

  • Project ID  - The Project ID is the Google Cloud project ID where your resources exist. 

  • Credentials File - Save the JSON file with the private key in a secure location of the file system, and make sure that the Log Collector Agent has at least read-only privileges to this file.

How to integrate to AQUILA CSPM Module

Pre-requisites
  1. Access to CyTech - AQUILA

    • Only users assigned the "Owner" or "Admin" role can access the Log Collector installation resources within the platform.

To navigate to CSPM Module please follow the instructions below:

Step 1: Log in to CyTech - AQUILA. Click here --> AQUILACYBER.ai
Step 2: Click on Cyber Monitoring.

image.png

Step 3: Choose Cloud Security Posture Management (CSPM).

image.png

Step 4: Click the "Let's Go" or "Onboard CSPM" icon to launch installation window.

image.png

Step 5: Click "Let's go" to start the integration process.

image.png

Step 6: Choose your log collector. If you haven't installed a log collector yet choose "New Log Collector" click here --> Log Collector Installation. If you have already have an existing log collector choose "Current Log Collector" and click "Next".

image.png

Step 7: Click "Next" if the requirements are met.

image.png

Step 8: Choose your current log collector. This will collect the logs coming from your log sources.

image.png

Step 9: Choose Google Cloud Platform and click "Next" to proceed.

image.png

Step 10: Input all the required credentials from the previous GCP configurations and click "Next" to initiate the integration process. Wait for couple of minutes until a success window shows up.

image.png

Please refer to this manual for the full guidelines of our CSPM Module. click here--> CyTech - AQUILA CSPM Manual 

If you need further assistance, kindly contact our support at support@cytechint.com for prompt assistance and guidance.

No Comments
Back to top