GCP Integration with ComplianceBot

Integrating GCP with ComplianceBot allows you to monitor your cloud infrastructure's compliance posture, ensuring adherence to industry standards. This guide will walk you through setting up the integration, running compliance checks, and understanding your compliance results in ComplianceBot

To navigate to the 'Integrations' section in the ComplianceBot dashboard, follow these steps:

• Access Settings: Log in to ComplianceBot and go to the Settings menu from the main navigation panel.

• Select Integrations: Within Settings, click on the Integrations tab to view the list of supported cloud platforms

• Select GCP: From the list of available integrations, choose GCP.

Sign into GCP and Select Your Project

• Sign into GCP: Log into your Google Cloud Platform account.

• Select Your Project: Choose the project where you want to create a service account for ComplianceBot integration.

Create a Service Account

• Navigate to IAM & Admin: Go to the GCP Console, select “IAM & Admin” and click on “Service Accounts” from the left panel.

Create a Service Account: Click on “Create Service Account” and fill in the required fields:

• Service Account Name

• Service Account ID

• Description

Create and Continue: Click “Create and Continue” to proceed.

Assign Permissions

Assign Viewer Permissions: Assign the role “Viewer” to the service account for read-only access.

Complete Setup: Click “Continue,” then “Done” to finish creating the service account.

Generate and Download Keys

Access the Service Account: Click on the service account you just created.

• Navigate to the Keys Tab: Go to the “Keys” tab and click “Add Key.”

• Add a New Key: Select “JSON” as the key type, and a key file will be downloaded to your device.

Integrate GCP in ComplianceBot : Within Settings, click on the Integrations tab to view the list of supported cloud platforms Provide your GCP account name in the specified field.

Configure Sync Options

Choose Sync Type: Select whether you want data to sync automatically or manually.

• If automatic, set the frequency (e.g., daily, weekly). In this example, we’ll proceed with manual syncing.

• Upload the previously downloaded JSON key file into ComplianceBot.

Test the Connection

• Test Integration: Click “Test Connection” to verify the GCP integration.

• Save Settings: Once the test is successful, click “Save” to finalize the integration.

Run Manual Compliance Checks

Initiate Sync: Go to the “Manage” section under GCP and click “Sync Now.”

Monitor Sync Status: Wait for the sync status to update to “Success.” This process checks your GCP resources for compliance and security issues.

View Results: Results will be available in the cloud section once the sync is complete.

Navigate the ComplianceBot Dashboard

Access the Cloud Section: View the results of your compliance checks by navigating to the cloud section.

• Summary: Get a quick overview of your compliance status, including passed and failed tests.

• Resource Breakdown: View resources categorized by compliance status: compliant, warning, or danger.

• Severity Categorization: Failed tests are sorted by severity, allowing you to prioritize critical issues.

Utilize Filters for Detailed Views

• Framework Filter: Filter tests based on specific compliance standards like HIPAA.

• Connector Filter: Select a particular cloud provider (e.g., AWS, GCP) to focus on its resources.

• Account Filter: Narrow results to a specific cloud account for detailed review.

• Service Filter: Focus on specific services, such as Compute Engine or Storage.

Explore the Tests Tab

Access the Tests tab for detailed test outcomes.

• Danger: Critical issues.

• Warning: Non-critical issues.

• Compliant: Passed tests.

Managing Test Results

Ignoring a Test:

• Click the ignore symbol on the right side of the test to move it to the “Ignored” section.

• Ignored tests will no longer impact your compliance score.

Include Ignored Tests: Toggle the “Include Ignored Tests” switch to view previously ignored tests in

Export Test Results

Export Results: Click the “Export” button to download your compliance test results for reporting or further analysis.your results.