Connect GCP
Connect GCP when you want DevOps Genie to scan Google Cloud resources and evaluate security and compliance posture.
What you need
- Admin access in DevOps Genie.
- Permission to create or manage a GCP service account.
- A service account JSON key for the project you want to scan.
- Read-oriented IAM roles such as Viewer and Security Reviewer, adjusted to your organization's policy.
Product flow
- Go to Cloud Accounts > Add Cloud Account.
- Select GCP.
- Create or choose a service account in Google Cloud.
- Grant read-oriented access to the target project.
- Paste the full service account JSON key into DevOps Genie.
- Click Verify & Connect or Add Account.
DevOps Genie validates the JSON and checks whether the service account can read the expected project metadata. If important permissions appear to be missing, the product may show warnings before you save the account.
Security note
Some organizations restrict long-lived service account keys. If that applies to you, coordinate with your security team before connecting GCP. The current product flow expects a service account JSON key for platform-side scanning.
After connection
The first scan starts automatically after validation succeeds. Results appear in Security > All Findings, Security > High Risk, Security > Compliance, and Risk Inventory.
Troubleshooting
If validation fails:
- Confirm the pasted JSON is complete and valid.
- Confirm the service account is enabled.
- Confirm the service account has read access to the target project.
- Confirm the project is not restricted by an organization policy that blocks the requested APIs.
- See Cloud Account Validation.
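A local pre-check for the first troubleshooting item, written for this page as an added example; it is not DevOps Genie's validation code. It assumes the field layout of a standard key file downloaded from Google Cloud, the function name `check_key_json` is hypothetical, and the sample key is constructed and unusable.

```python
import json

# Fields found in a service account key file downloaded from Google Cloud.
REQUIRED = ("type", "project_id", "private_key_id", "private_key",
            "client_email", "token_uri")
PEM_BEGIN = "-----BEGIN PRIVATE KEY-----"
PEM_END = "-----END PRIVATE KEY-----"


def check_key_json(text, expected_project=None):
    """Return a list of structural problems; empty means none found. Offline only."""
    try:
        key = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON (line {exc.lineno}, column {exc.colno}): {exc.msg}"]
    if not isinstance(key, dict):
        return ["top-level JSON value is not an object"]
    problems = [f"missing or empty field: {name}"
                for name in REQUIRED if not key.get(name)]
    if key.get("type") and key["type"] != "service_account":
        problems.append(f"type is {key['type']!r}, expected 'service_account'")
    pem = key.get("private_key")
    if isinstance(pem, str) and pem:
        body = pem.strip()
        if not (body.startswith(PEM_BEGIN) and body.endswith(PEM_END)):
            problems.append("private_key is truncated or missing its PEM markers")
        elif "\n" not in body:
            problems.append("private_key lost its line breaks during copy/paste")
    email = key.get("client_email")
    if isinstance(email, str) and email and not email.endswith(".gserviceaccount.com"):
        problems.append("client_email is not a service account address")
    project = key.get("project_id")
    if expected_project and project and project != expected_project:
        problems.append(f"key belongs to project {project!r}, not {expected_project!r}")
    return problems  # messages never include key material


# Constructed sample: placeholder key material, not a usable credential.
SAMPLE = json.dumps({
    "type": "service_account",
    "project_id": "example-project",
    "private_key_id": "0000000000000000000000000000000000000000",
    "private_key": PEM_BEGIN + "\nCONSTRUCTED-PLACEHOLDER\n" + PEM_END + "\n",
    "client_email": "scanner@example-project.iam.gserviceaccount.com",
    "token_uri": "https://oauth2.googleapis.com/token",
})

if __name__ == "__main__":
    print(check_key_json(SAMPLE) or "structure looks complete")
```

A clean result only means the pasted text is structurally complete; whether the account is enabled and has read access is still decided by the connection check.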