Connect a GCP Project to Guardrails

In this guide you will connect a GCP account to Guardrails.

This is the second guide in the Getting started with GCP series.

Prerequisites

  • Completion of the previous guide: Prepare an GCP Project for Import to Guardrails.

  • Access to the Turbot Guardrails console with admin privilege.

Step 1: Login to Guardrails

Login to your Guardrails console and select the CONNECT option from the home page.

locate-top-level-connect

Step 2: Select GCP

Select GCP from the connect panel.

Select GCP

Select GCP Project.

Select GCP Project

Step 3: Select import location

Expand the Parent Resource dropdown and choose the Sandbox folder as the import location.

Choose Sandbox

Step 4: Upload Key file

Note

Turbot Guardrails now supports two ways to enable access authentication:

  • Using Service Account Impersonation
  • Credential file with key type as JSON or Private Key Text (copy-paste of the JSON private key)
  • This guide demonstrates the process using the key type as JSON format.

    In the previous guide you created and downloaded a JSON-format key file. Locate that file and drag it to the drop target.

    Choose Upload Credential File

    Step 5: Connect

    Select the Connect button.

    Connect

    Step 6: Observe progress

    Wait for the progress bar to complete. This process takes a while, and you’ll see the bars fluctuate. The number of resources will grow as Guardrails discovers them.

    gcp_progress_bar

    Step 7: View Controls by state

    Select Reports from the top navigation menu. Type controls into the Search reports… field to show only reports with the word "controls" in their name. Select the Controls by State report from the list.

    search-for-controls-reports

    Step 8: Configure report filter

    Select the Type dropdown from the filters bar. Then enable the check box next to GCP to limit the report to only show GCP controls.

    set-type-filter

    Step 9: Review Controls

    Review the status of your controls for GCP.  Alarm, OK, Skipped, and TBD are all common and normal states to see in your project.

    Important

    The controls in Error or Invalid states must be cleared before moving further into these guides. It takes few mins depending on various factors. We suggest to wait and report to Turbot support, in case these errors are not cleared up automatically.

    Bookmark the Controls by State report, you’ll need it in subsequent guides.

    gcp-controls-by-state

    Next Steps

    You've now successfully connected your GCP project to Guardrails.

    In the next guide we’ll see how Guardrails watches your project and reacts to resource changes.

    Progress tracker

    • Prepare a GCP Project for Import to Guardrails
    • Connect a GCP Project to Guardrails
    • Observe GCP Activity
    • Enable Your First Guardrails Policy Pack
    • Review Project-Wide Governance
    • Create a Static Exception to a Guardrails Policy
    • Create a Calculated Exception to a Guardrails GCP Policy
    • Send an Alert to Email
    • Apply a Quick Action
    • Enable Automatic Enforcement