HERE'S WHY
Connecting Google Cloud Platform (GCP) to Drata allows for the automated, continuous monitoring and evidence collection of the dozens of infrastructure security controls required for compliance.
BEFORE DIVING IN
Make sure you have owner access at both the project as well as at the organization level, and Super Admin on your linking Google Workspace account to your company's GCP account.
HERE'S HOW
Follow these instructions to connect GCP to Drata:
1. Select "Connections" on the side navigational menu.
2. Select the 'Available connections' tab and then search for 'Google cloud' to select the connect button for the GCP integration.
3. Follow the instructions in the connection drawer. For more information, go to GCP Connection Details.
Tips:
Drag and drop the downloaded "JSON Key File" into the dropzone.
Monitoring tests covered
Test 4: SSL/TLS on Admin Page of Infrastructure Console
Test 30: Availability Zones Used
Test 68: Customer Data is Encrypted at Rest
Test 69: Customer Data in Cloud Storage is Encrypted at Rest
Test 88: MFA on Infrastructure Console
Test 95: MFA on Infrastructure Console
Test 98: Employees have Unique Infrastructure Accounts
Test 102: Public SSH Denied
Test 104: Cloud Data Storage Exposure
Test 107: Daily Database Backups
Test 108: Daily Database Backups
Test 112: Database CPU Monitored
Test 118: NoSQL Cluster Storage Utilization Monitored
Test 119: Firewall Default Disallows Traffic
Test 122: Web Application Firewall in Place
Test 123: Cloud Infrastructure Linked to Drata
Test 130: Load Balancer Used