Authorizing GCP
To authorize the API for Google Cloud Platform you will need to create a service account and give it the proper admin role as well as enabling the proper APIs in Google for access.
Steps
-
Login to GCP and navigate to to get to page where you can view or create your service accounts.
-
On the Service Accounts page, click Create Service Account to create a new account can be used for the API authorization. You will be
taken to the Create service account page where you can enter a name for the account (it will generate an account ID based on this name) and provide a
description. Click Create and Continueat the bottom to move to the next step where you can assign a role.
-
Assign a role to that created account. You will need to add both the Storage Admin role as well as Viewer role. Click the drop-down
and in the left column select Cloud Storage and then select Storage Admin. Add another role and then in the left column, select
Basic and then in the right column select Viewer. Click Continue when you are ready to move to the next
step.
-
Assign additional user access and admin access to the service account and then click Done.
-
Now click into the service account that you just created and click on the Keys tab to create a key that you will upload to Forcepoint ONE SSE to use that account for API scanning. Click and then select JSON and then click Create to download the .json file to your computer as you will need the file for
uploading to Forcepoint ONE SSE.
-
Navigate to to open APIs & Services page. On the APIs & Services page, click on Enable APIs and Services to open API Library
page.
- On the API Library page, search for the following APIs and enable each one by clicking on it and then by clicking Enable on the API details page.
- Cloud SQL Admin API
- Cloud Resource Manager API
- Cloud Logging API
