Configure Google Cloud Platform for a Compliance Audit

To configure Google Cloud Platform (GCP) to support a compliance audit:

Create a new service account to scan Google Cloud Platform.

  1. Navigate to IAM & Admin > Service Accounts.

    The Service Accounts page appears.

  2. Click Create Service Account.

    The Create service accounts page appears.

  3. Fill out the Service account details.
  4. Click Create and Continue.
  5. In the optional Grant this service account access to project section, select Project>Viewer in the Select a role box.

  6. Click Done.

    The newly created service account appears in a list of available accounts.

  7. Click on the email of the account you just created.

    The selected account's page appears.

  8. In the Keys tab, click Add Key and select Create new key from the drop-down.

    The Create private key for "your account name" pop-up appears.

  9. Select JSON as the key type.
  10. Click Create.

    The Private key saved to your computer pop-up appears as confirmation.

  11. The Private key file will download. This file will be added to the Google Cloud Platform credentials for the scan in Tenable.io or Nessus.

Repeat these steps for each project you wish to audit or, alternatively, grant the service account access.

What to do next:

Create an audit scan in either Tenable.io or Nessus: