Faddom can discover your GCP environment without installing anything on your VMs. This guide will walk you through setting this up for a GCP subscription.
Note: If you require use of an HTTP proxy with authentication in order to allow the Faddom server access to the GCP API, this is not currently supported by GCP. You can read more about this here.
Creating a Service Account Key
To read the data and collect information from your GCP account, you will need to provide Faddom with a Service Account Key file. Follow the steps below to create one:
In the Google Cloud console, go to the Service accounts page. The remaining steps will appear automatically in the Google Cloud console.
Select the project you wish to map in Faddom. In the case of multiple projects, each one will need its own Service Account Key.
Click the email address of the service account that you want to create a key for.
Click the Keys tab.
Click the Add key drop-down menu, then select Create new key.
Select JSON as the Key type and click Create.
Clicking Create downloads a service account key file. After you download the key file, you cannot download it again.
Creating Traffic Flows
To receive the traffic, you will need to set up the traffic flows using the following procedure:
In the Google Cloud console, go to the VPC networks page.
Click the subnet that you want to update.
Click Edit.
For Flow logs, select On.
Click Save.
For more information, you can refer to the GCP documentation: VPC Flow Logs and Use VPC Flow Logs.
Connecting Faddom to GCP
Go to Settings > Data Source > GCP.
Upload the Key file created in the above step and click Set Credentials.
After a few moments, Faddom will list all the subnets in the project. Select the ones you want to receive flow logs for, then select Done.
Once this step is complete, you will be taken back to the Data Sources screen.