AI Runtime Security
Onboard GCP Cloud Account in SCM
Table of Contents
Expand All
|
Collapse All
AI Runtime Security Docs
Onboard GCP Cloud Account in SCM
Onboard your GCP cloud account in Strata Cloud Manager (SCM).
Where Can I Use This? | What Do I Need? |
---|---|
|
- Log in to SCM.Select Insights → AI Runtime Security.
- If you are onboarding a cloud account for the first time, click Get Started.If you have previously onboarded a cloud account, click the Cloud Account Manager (cloud) icon.Select Cloud Service Provider as GCP and select Next.Enter basic information:
- A unique Name to identify your onboarded cloud account (Limit the name to 32 characters).
- The GCP Project ID.
- Input (Storage) Bucket Name you created in the Create a Cloud Storage Bucket prerequisite step.
In Application Definition, select Next.The namespace shows applications from Pods/Cluster workloads, while VPC/VNETs display applications from virtual machine workloads.Input Service Account Name (Enter only lowercase letters and numbers; the name must be between 3 and 24 characters).Download Terraform.Please use one service account per project.Execute Terraform. Unzip the downloaded Terraform zip file and follow the `README.md` file for instructions to deploy the Terraform in your cloud environment.cd <unzipped-folder>/gcp #Deploy the Terraform terraform init terraform plan terraform applyProvide the required IAM Permissions to the user executing the Terraform template.Select Done.This validates the successful creation of a service account in GCP.After successfully connecting to the cloud service provider with the specified service account, the AI Runtime Security instance gathers cloud VM and Kubernetes workload IP tags from the Edge Service and tag collector, respectively. This discovery process can take up to 15 minutes before assets appear on the SCM Command Center dashboard.You can now view and manage the onboarded cloud accounts in SCM.The SCM dashboard under Insights → AI Runtime Security shows all the cloud assets discovered.Next, protect the network traffic flow by deploying an AI Runtime Security instance in GCP.