Create a Google Cloud User with Minimal Permissions for the Cisco Secure Dynamic Attributes Connector

This task discusses how to set up a service account with minimum permissions to send dynamic attributes to Security Cloud Control. For a list of these attributes, see Google Cloud Connector—About User Permissions and Imported Data.

Before you begin

You must already have set up your Google Cloud account. For more information about doing that, see Setting Up Your Environment in the Google Cloud documentation.

Procedure


Step 1

Log in to your Google Cloud account as a user with the owner role.

Step 2

Click IAM & Admin > Service Accounts > Create Service Account.

Step 3

Enter the following information:

  • Service account name: A name to identify this account; for example, CSDAC.

  • Service account ID: Should be populated with a unique value after you enter the service account name.

  • Service account description: Enter an optional description.

For more information about service accounts, see Understanding Service Accounts in the Google Cloud documentation.

Step 4

Click Create and Continue.

Step 5

Follow the prompts on your screen until the Grant users access to this service account section is displayed.

Step 6

Grant the user the Basic > Viewer role.

Step 7

Click Done.

A list of service accounts is displayed.

Step 8

Click More (more icon) at the end of the row of the service account you created.

Step 9

Click Manage Keys.

Step 10

Click Add Key > Create New Key.

Create a new key for your user

Step 11

Click JSON.

Step 12

Click Create.

The JSON key is downloaded to your computer.

Step 13

Keep the key handy when you configure the GCP connector.


What to do next

See Create a Google Cloud Connector.