Create a Google Cloud Platform Security Audit Role
When connecting your Google Projects to Aqua CSPM use the following Custom Role and assign it to your connected Service Account.
Follow these steps to create the GCP Org Security Audit Role
- Step 1: Retrieve the Aqua CSPM Security Audit Role for GCP
- Step 2: Create the Role in your Organization
- Step 3: Verify Role Creation
Step 1: Retrieve the Aqua CSPM Security Audit Role Template
- Open Google Cloud Shell.
- Enter the following command to load the Template.
curl https://aqua-cspm-resources.s3.amazonaws.com/google/security-audit-role-org.yaml -o security-audit-role-org.yaml
Step 2: Create the Role in your Organization
- Use the following command by replacing your Organization Id.
gcloud iam roles create AquaCSPMSecurityAudit --organization=YOUR_ORGANIZATION_ID --file=security-audit-role-org.yaml
Step 3: Verify Role Creation
- Visit the IAM Console > Roles.
- Select your Organization .
- Verify your role was created accordingly.
Follow these steps to create the GCP Security Audit Role
- Step 1: Retrieve the Aqua CSPM Security Audit Role for GCP
- Step 2: Create the Role in your Organization
- Step 3: Verify Role Creation
Step 1: Retrieve the Aqua CSPM Security Audit Role Template
- Open Google Cloud Shell.
- Enter the following command to load the Template.
curl https://aqua-cspm-resources.s3.amazonaws.com/google/security-audit-role.yaml -o security-audit-role.yaml
Step 2: Create the Role in your Organization
- Use the following command by replacing your Project Id.
gcloud iam roles create AquaCSPMSecurityAudit --project=YOUR_PROJECT_ID --file=security-audit-role.yaml
Step 3: Verify Role Creation
- Visit the IAM Console > Roles.
- Select your Project .
- Verify your role was created accordingly.
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.