Integrate with GCP Using Keyless Authentication

You can configure Tenable Attack Surface Management to pull data from Google Cloud Platform using keyless authentication.

Before you begin

  • Configure GCP for Keyless Authentication.

  • Make sure your account has read-only permissions. You can use the built-in GCP role: Viewer.

  • Make sure that you download the configuration file that you obtained when configuring GCP.

    Note: Tenable Attack Surface Management does not make any modifications in your Google Cloud Platform account, but you must make sure that the keys have read-only privileges.

To integrate Google Cloud Platform with Tenable Attack Surface Management using keyless authentication:

  1. In the upper-right corner, click the button.

    The All Integrations page appears.

  2. Do one of the following:

    • In the All Integrations page, click Add > Google Cloud Platform - Keyless.

    • In the upper-right corner, click Add > Google Cloud Platform - Keyless.

    • In the bar above the table, click Add > Google Cloud Platform - Keyless.

      The Add Google Cloud Platform - Keyless Integration window appears.

  3. In the Name box, type a name for the integration.

  4. Click Upload to upload the Workload Identity Federation file. For information about how to download the configuration file, see Configure GCP for Keyless Authentication.

  5. Click Add.

    Tenable Attack Surface Management adds the integration.
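Before you upload the file in step 4, you can confirm that it is a Workload Identity Federation credential configuration and not a service account key that contains a long-lived secret. The following check is an added example, not Tenable or Google code; the field names follow Google's external_account credential configuration format, and both sample files are constructed.

```python
import json

# Fields present in a Workload Identity Federation credential
# configuration (JSON with "type": "external_account").
REQUIRED = ("audience", "subject_token_type", "token_url", "credential_source")
# Fields that only appear in files carrying long-lived secrets.
SECRET_FIELDS = ("private_key", "private_key_id", "client_secret", "refresh_token")

# Constructed samples: a keyless configuration and a service account key.
SAMPLE_KEYLESS = json.dumps({
    "type": "external_account",
    "audience": "//iam.googleapis.com/projects/000000000000/locations/global/"
                "workloadIdentityPools/example-pool/providers/example-provider",
    "subject_token_type": "urn:ietf:params:oauth:token-type:jwt",
    "token_url": "https://sts.googleapis.com/v1/token",
    "credential_source": {"file": "/var/run/example/token"},
})
SAMPLE_KEY = json.dumps({"type": "service_account",
                         "private_key_id": "constructed",
                         "private_key": "PLACEHOLDER"})


def check_wif_config(text):
    """Return a list of problems found in a credential configuration file."""
    try:
        cfg = json.loads(text)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(cfg, dict):
        return ["top-level JSON value is not an object"]
    problems = []
    if cfg.get("type") != "external_account":
        problems.append(f"type is {cfg.get('type')!r}, expected 'external_account'")
    for field in SECRET_FIELDS:
        if field in cfg:
            problems.append(f"contains long-lived secret field {field!r}")
    for field in REQUIRED:
        if not cfg.get(field):
            problems.append(f"missing field {field!r}")
    aud = cfg.get("audience", "")
    if isinstance(aud, str) and aud and "/workloadIdentityPools/" not in aud:
        problems.append("audience does not reference a workload identity pool")
    return problems


if __name__ == "__main__":
    for name, text in (("keyless", SAMPLE_KEYLESS), ("key file", SAMPLE_KEY)):
        print(name, "->", check_wif_config(text) or "OK")
```

An empty result means the file has the shape of a keyless configuration. It does not show which role is granted, so still verify in GCP that access is read-only.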