Integrate Prisma Cloud with Google Cloud Security Command Center (SCC)
Table of Contents
Integrate Prisma Cloud with Google Cloud Security Command Center (SCC)
Learn how to integrate Prisma™ Cloud with Google Cloud Security Command Center (SCC).
Integrate Prisma™ Cloud with Google Cloud Security Command Center (SCC) for centralized visibility in to security and compliance risks associated with your cloud assets on the Google Cloud Platform (GCP).
You can set up this integration for a GCP Organization that you are monitoring with Prisma Cloud. The alerts generated by Prisma Cloud for GCP accounts based on your alert rule are posted to Google Cloud SCC. To show Prisma Cloud alerts in Google Could SCC for cloud accounts of other cloud types (such as AWS and Azure), contact Prisma Cloud support on the Palo Alto Networks LIVE Community.
- Verify the permissions for the service account you use to onboard the GCP Organization on Prisma Cloud.The Viewer, Organization Viewer, and Security Center Findings Editor roles are required.
- Enable the APIs required to view assets and findings on the Cloud SCC console.
- Go to the GCP Console API Library and select your GCP project.Make sure to enable these APIs in the project that owns the Service Account, which you will use to onboard the GCP Organization on Prisma Cloud.
- SelectEnable APIs and Services.
- Enable theCloud Security Command Center API.
- Enable theIdentity and Access Management (IAM) API.The service account must also include the iam.serviceAccounts.signJwt permission for the integration.
- Sign up for the Prisma Cloud SCC solution on the Google console.A security center administrator can set up this integration on the Google console.
- Go to the Google Console and search forPrisma Cloud CSCC.
- Visit Palo Alto Networks site to Signup.
- Select the organization that you onboarded in to Prisma Cloud.
- Select theService accountyou used to onboard the GCP Organization.
- Copy theSource ID. You need theSource IDwhen you set up this integration in Prisma Cloud.
- ClickDone.
- Set up Google Cloud SCC as one of the integration channels in Prisma Cloud.
- Log in to Prisma Cloud.
- Select .
- . A modal wizard opens where you can add the CSCC integration.
- EnterIntegration NameandDescription.
- Enter theSource IDthat you copied from Google.
- Select theGCP Organization.
- Nextand thenTest. Review the Summary andSave.For a successful integration, you must configure adequate permissions for the service account (as listed above). After you set up the integration successfully, you can use the Get Status link in to periodically check the integration status.
- Create an Alert Rule for Run-Time Checks or modify an existing rule to send alerts to Google Cloud SCC. See Send Prisma Cloud Alert Notifications to Third-Party Tools.
- View alerts in Cloud SCC.
- Go to the Google Console and select .
- ClickFindingsto view the alerts.
- Select the rule to see the details about the alerts.
