Create a Google Cloud Platform Connector (Discovery Only)

The following is not supported in Tenable FedRAMP Moderate environments. For more information, see the Tenable FedRAMP Moderate Product Offering.

Required User Role: Administrator

Before you begin:

To create a GCP connector:

  1. In the left navigation, click Settings.

    The Settings page appears.

  2. Click the Cloud Connectors tile.

    The Cloud Connectors page appears and displays the configured connectors table.

  3. In the upper-right corner of the page, click the Create Connector button.

    The Select a Connector pane appears.

  4. In the Connectors section, click Google Cloud Platform.

    The Google Cloud Platform pane appears.

  5. In the Connector Name: box, type a name to identify the connector.

  6. In the Service Account Key section, click Add File to upload your service account key that you obtained when configuring GCP.

  7. The Auto Account Discovery toggle is always enabled and cannot be disabled. Any Project ID(s) associated with the service account you provided are auto-discovered and assets will be pulled from those projects.

  8. In the Select or Create Network drop-down box, select an existing network for your connector or click the button to create a new network.

    Note: Networks help to avoid IP address collisions between cloud assets and Nessus-discovered assets. Tenable recommends creating a network for each connector type in use to prevent asset records in different cloud environments from overwriting each other. For more information about the network feature, see Networks.

  9. Use the Schedule Import: toggle to enable or disable scheduled imports.

    Note: By default, Tenable Vulnerability Management requests new and updated asset records every 1 day.

    If enabled:

    • In the Import text box, type the frequency with which Tenable Vulnerability Management sends data requests to the GCP server.
    • In the drop-down box select Minutes, Hours, or Days.

      Note: When you schedule a connector configuration to sync every 30 minutes, a discovery job is placed in a queue every 30 minutes. The results of the discovery job become available in the Tenable Vulnerability Management interface and logs depending on the workload for the connector services. So, the results of the discovery job can take more than 30 minutes depending on the queue.

  10. Do one of the following:
    • To save the connector, click Save.
    • To save the connector and import your assets from GCP, click Save & Import.
  11. Note: There may be a short delay before your assets appear in Tenable Vulnerability Management.