- PingSafe Knowledge Base
- Getting Started on PingSafe
-
Getting Started on PingSafe
-
Integrations
-
AWS Knowledge Base
- Amazon EKS
- Amazon RDS
- Amazon Kinesis
- AWS Organizations
- Amazon SQS (Simple Queue Service)
- AWS Cloudtrail
- AWS Certificate Manager
- AWS IAM
- AWS Workspaces
- Amazon S3
- AWS Systems Manager (AWS SSM)
- Amazon EC2
- Amazon Redshift
- Amazon EMR
- Amazon CloudFront
- Amazon DynamoDB
- Amazon Managed Workflows for Apache Airflow (MWAA)
- Amazon Route 53
- AWS Key Management Service (KMS)
- Amazon CloudWatch
- Amazon ElasticSearch
- AWS Database Migration Service
- AWS Config
- AWS X-Ray
- Amazon API Gateway
- Amazon Athena
- Amazon SageMaker
- AWS Elastic Load Balancing (ELB)
- AWS Lambda
- AWS Auto Scaling
- Amazon GuardDuty
- Amazon Elastic File System (Amazon EFS)
- Amazon Elastic Container Registry (Amazon ECR)
- AWS Glue
- Amazon Simple Notification Service (SNS)
- AWS Elastic Beanstalk
- AWS CodeBuild
- AWS Secrets Manager
- AWS Transfer Family
- Amazon Access Analyzer
-
Azure Knowledge Base
- Container Registries
- Azure Virtual Machines
- Network Security Group
- PostgreSQL
- Azure Monitor
- Azure Security Center
- SQL Databases
- SQL Servers
- Storage Accounts
- Azure Key Vaults
- Load Balancers
- App Services
- Azure Active Directory
- Activity Log
- Azure Policy
- Kubernetes Services
- Azure Resources
- Azure Cosmos DB
- CDN Profiles
- MySQL Servers
- Azure Virtual Network
- Azure Network Watcher
- Azure Cache for Redis
-
GCP Knowledge Base
- Google Cloud VPC
- Google Cloud IAM
- Google Cloud Load Balancing
- Google Cloud Logging
- Google Cloud Kubernetes Engine
- Google Cloud Pub/Sub
- Google Compute Engine
- Google Cloud Key Management Service (KMS)
- Google Cloud DNS
- Google Cloud Storage
- Google Cloud Dataproc
- Google Cloud SQL
- Google Cloud Spanner
- Google Cloud Deployment Manager
- Google Cloud BigQuery
- Google Cloud Dataflow
-
Digital Ocean Knowledge Base
Connect your Google Cloud Project with PingSafe
This article explains how you can connect your Google Cloud Project with PingSafe for detecting security vulnerabilities continuously
Prerequisites to Onboard GCP Project:
- User should have either GCP managed "Owner" role OR below permissions attached to existing user role:
iam.roles.create
iam.roles.get
iam.serviceAccountKeys.create
iam.serviceAccountKeys.enable
iam.serviceAccountKeys.get
iam.serviceAccounts.create
iam.serviceAccounts.get
iam.serviceAccounts.setIamPolicy
resourcemanager.projects.getIamPolicy
resourcemanager.projects.setIamPolicy
serviceusage.services.list
- Click on the Settings ⚙️ button in the top right corner.
- From the left navigation panel click on "Cloud Configuration" button.
- Click on the "Add account" button in the top right corner.
- Click on the “Connect” button present under “Google Cloud Platform”.
- From the GCP console, make a note of your "ProjectID".
- Select “Project” from the “Onboard” option, fill in the “Account Name”, “ProjectID” and select the “Scan” Mode.
- Detect Mode: PingSafe has read-only access to the resources in your Google Cloud account.
- Detect & Auto remediate: PingSafe have read/write access to the resources. You will have to enable/disable this feature for each plugin that supports auto remediation.
- Enabling GCP Log Event integration during project/ organization onboarding. If you already have an existing Pub/Sub topic flowing gcp audit logs, you can enter that in the text box and click on "Next". We recommend leaving it empty (In this case PingSafe will create a new topic for you).
- Click on the “Next” button.
- Download the “Terraform script” and navigate to the Google Cloud Shell.