search

Connecting GCP to Osto

This guide will walk you through securely connecting your Google Cloud Platform (GCP) project to Osto for continuous visibility, scanning, and cloud security posture management.

  • Navigate to the Google Cloud Consolearrow-up-right

  • Sign in using your Google account credentials.

  • You’ll need to collect a few identifiers and credentials during this setup - follow the steps below carefully.

1

hashtag
Find Your Project ID

Your Project ID uniquely identifies your Google Cloud project.

To find it:

  • In the Google Cloud Console, open the Project Selector at the top.

  • Locate the project you want to connect to Osto.

Copy the Project ID - you’ll need it later for the Osto connection form.

2

hashtag
Create a Service Account

Osto connects to GCP using a Service Account with read-only permissions.

To create one:

  • Navigate to IAM & Admin → Service Accounts.

  • Click Create Service Account.

  • Provide a name such as osto-cloud-security-posture-management.

  • Add an optional description (e.g., “Osto to monitor resources”).

  • Click Create and continue.

3

hashtag
Assign the Viewer Role

Your service account must have read-only access.

To assign permissions:

  • In the role selector, search for Viewer.

  • Select Viewer (basic read-only role) and Click Continue.

circle-info

This ensures the service account can only view resources, not modify them.

4

hashtag
Skip Optional Access Settings

You may optionally grant others access to the service account. If not needed:

  • Click Done.

5

hashtag
Generate a JSON Key

To generate the credentials Osto will use:

  • Open the newly created service account.

  • Go to the Keys tab.

  • Click Add key → Create new key.

  • Choose JSON.

  • Click Create.

A JSON key file will download automatically - store it securely.

6

hashtag
Fill in the Osto Cloud Connector Form

Return to your Osto platform and open the Connect a Cloud Provider window. Select Google Cloud Platform (GCP).

Fill in the fields as follows:

  • Name: A friendly name for your GCP connection (e.g., “Prod GCP Project”).

  • Description: Optional description for easier identification.

  • Project ID: The Project ID you copied earlier.

  • JSON Key: Paste the JSON key file downloaded earlier.

Once filled, click Connect to authenticate and establish the integration.

7

hashtag
Verify Connection

After connecting successfully:

  • Your GCP assets will begin syncing automatically.

  • The Osto Dashboard will display asset count and severity findings.

  • The connector’s status will change to Active.

hashtag
Summary of Required Values

Parameter
Source
Example

Service Account Name

IAM & Admin → Service Accounts

osto-cloud-security-posture-management

Role

Permissions Assigned During Creation

Viewer

Key Type

Keys → Create new key (JSON)

osto-gcp-credentials.json

hashtag
Troubleshooting Tips

chevron-rightError: “Invalid key or credentials”hashtag

Ensure that the JSON key file you uploaded is valid and corresponds to the correct service account.

chevron-rightError: “Insufficient permissions”hashtag

Verify that the service account has the Viewer role.

chevron-rightKey Lost or Deletedhashtag

Generate a new JSON key in the GCP Console and update it in Osto.

chevron-rightConnection Failshashtag

Confirm your GCP project allows API access and that no firewall rules are blocking outbound requests.

PreviousConnecting AWS to OstoNextTroubleshooting Common Issues

Last updated