Aqua supports CSPM in Google Cloud Platform (GCP) projects to help ensure the security and compliance of GCP resources.


TABLE OF CONTENTS


Getting Started

Connecting the Aqua to your GCP project is simple and straightforward and takes about 5 minutes. CSPM connects to your project through the use of a service account with read-only "Viewer" access. Refer to our GCP setup guide for complete installation steps.


The Scanning Process

Once connected, CSPM will query various read-only APIs in your account to obtain information about the configuration of your infrastructure services. This information will be processed and analyzed by our security control plugins to produce a security report.


Example Findings

CSPM has hundreds of plugins, representing a variety of cloud security controls. Some example findings include:

  • The use of rotation for cryptographic keys
  • Security groups configured to allow inbound access to sensitive services from the internet
  • The use of least-privileged policies for services and compute instances


Next Steps

To begin auditing your GCP accounts, simply register for an Aqua account and follow the connection process above.