Skip to main content
Skip table of contents

Google Cloud

Sectona supports the discovery of assets in the Google Cloud Platform by using Google Cloud Discovery. It provides real-time visibility and inventory of Google Cloud assets. The discovery refreshes according to a schedule set by the user. Ensure the account has permissions at the root server level to ensure all target assets are discoverable. If you assign permissions on a folder in the target environment, you will only see the contained assets if permissions are also defined on the parent resource pool. As a best practice, it is recommended that the account be given read-only access.

Refer section Configuring Credentials for more details before executing this discovery scan.

Requirement

Description

Credential

Adding a Google Cloud scan job

Select New Asset Discovery Job as Google Cloud in +Asset Discovery Tab

Attributes 

Description

Job Details


Job Title

Enter a unique title for your scan job. E.g., Production instances.

Project

Enter the project_id that you get from the configuration (JSON) file.

Service Account Email

Enter the client_email that you get from the configuration (JSON) file.

Service Account Key

Enter the private_key_id that you get from the configuration (JSON) file.

Subscriptions

Provide the value as NA

Schedule type

Select a schedule type, whether you want to initiate this job once or a recurring job. If you select a recurring job, you can choose the days on which this job must be executed.

E.g., If you want to schedule a job every 2nd day at 5.00 p.m. from 1st Jan 2018 to scan your network, include the following details:

Recur every: 2 days
Task Start: 01 Jan 2018
Schedule Start Time: 4:30 pm to 5:15 pm

Task Start

The day when the discovery job will start

Scheduled Time

You can either choose "Any" or schedule a proper time from when to start the task and when to end the task

Action


On board assets

To start a scan manually with an option to add assets to specify profiles, click the Onboard asset as 'No'. 

If you wish to include assets automatically to existing groups and attributes, select option 'Yes'

Asset description(optional)

Added text will be included in every asset description field

Location(optional)

Added location field will be included in every asset location. You can configure system management location here

Criticality level(optional)

Added critical field will be included in every asset. This is important while structuring reports and notifications.

Refer to section Criticality level for more information about adding criticality level.

Tags (optional)

You can associate an asset with your desired single or multiple tags like Infosec, Banking Core Server, ATM Switches, etc.

Refer to section Tags for more information about adding context with tags.

Checkout policy

The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available.

Rotation policy

The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available

Reconciliation policy

The option is selected as default as one can choose its policy by unchecking the default option and selecting the policy from the drop-down list available.

Config value 1

The configuration value can be assigned here.

Config value 2

The configuration value can be assigned here.

Config value 3

The configuration value can be assigned here.

Config value 4

The configuration value can be assigned here.

Exclude from Account Discovery

When ticked, the accounts of this asset will be excluded from the Discovery job.

Owner(optional)

If you have listed the owner information of all the assets, please include here

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.