P0 App Documentation
Sign up for FreeSandbox
  • What Is P0?
    • πŸŽ›οΈIAM Dashboard
    • πŸ”ŽAccess Inventory
    • πŸͺ‘IAM Posture
    • ⏱️Just-In-Time Access
    • ♻️Service-Account Key Rotation
  • Getting Started
    • ⬇️Quick Start
    • 🎁Share P0 With Your Team
  • INVENTORY
    • πŸ—ΊοΈAccess Inventory
    • πŸ”¬Result Details
    • ❔Query Search
      • πŸ“–Search Reference
  • Posture
    • βš–οΈPosture Overview
  • Monitor Results
  • πŸ€”Finding Details
  • ORCHESTRATION
    • ⏰Just-in-time access
      • πŸ–οΈRequesting Access
        • πŸ‘‰For Another Party
      • 🏁Approving Access
        • Pre-approving Access
      • πŸ”€Request Routing
        • Google Cloud Filtering
        • AWS Filtering
  • Environments
    • ☁️Creating an Environment
    • πŸ““Environment Terminology
    • βš™οΈSettings
  • Integrations
    • πŸ“žNotifier integrations
      • πŸ’¬Slack
      • πŸ‘¬Microsoft Teams
      • πŸ“£Custom Notifier
    • πŸ”‘Resource integrations
      • ☁️Google Cloud
        • Requesting Access
        • Permissions Reference
          • Cloud Storage
          • Compute Engine
      • πŸ“¦AWS
        • Requesting Access
      • ☸️Kubernetes
        • Requesting Access
        • Advanced Requests
      • πŸ”‹PostgreSQL
        • Requesting Access
      • ❄️Snowflake
      • πŸ–₯️SSH
      • GitHub
        • Requesting Access
      • πŸ› οΈCustom Resource
    • πŸ‘₯Directory integrations
      • Microsoft Entra ID
        • Requesting Access
      • Google Workspace
      • Integrate P0 with Okta
    • βœ”οΈApproval integrations
      • πŸ””PagerDuty
    • πŸ”ŒSIEM Integrations
      • Splunk HEC Setup
  • P0 Management
    • 🎩Role-Based Access Control
Powered by GitBook
On this page
  • Prerequisites
  • Set up Google Cloud Integration
  • Set up your Organization
  • Install a Component
  • Provision P0 Access
  1. Integrations
  2. Resource integrations

Google Cloud

Last updated 2 months ago

This topic describes how to set up P0's integration for Google Cloud Platform (GCP). It contains the following sections:

For fine-grained Kubernetes access in Google Kubernetes Engine (GKE), use the P0 .

Prerequisites

  • Existing P0 account at .

  • Existing Google project(s) where you want to install P0.

  • Permissions to create GCP roles and add IAM bindings to your Google project(s).

    • iam.roleAdmin (Role Admin)

    • iam.securityAdmin (Security Admin)

    • orgpolicy.policyAdmin (Organization Policy Admin). This is optional but recommended, to ensure your P0 integration for GCP is as secure as possible

You may need to work with your organization's administrator for the relevant permissions.

Set up Google Cloud Integration

This setup takes about 10 minutes.

Google Cloud Integration requires these key setup steps:

Set up your Organization

You must set up your organization prior to GCP provisioning. To set up p0 for your GCP organization:

  1. Retrieve your organization ID from GCP using one of the following methods:

    • Go to IAM & Admin > Manage Resources. You will find your organization ID listed under the ID field.

  2. Copy and paste your organization ID into the input field and click Next. This enables you to install components that fit your needs.

If a previous Google Cloud integration is present, the field is disabled and pre-populated with the organization ID, so proceed to the next step.

Install a Component

For this example, we’ll install an Identity and Access Management (IAM) component.

The steps are similar for other components.

To install an IAM component:

  1. Choose the component you want to install (e.g. IAM management).

  2. Click Add project to install a new project.

  3. Enter your existing GCP project name into the Project identifier field and click Next.

  4. The resulting page will display GCP and Terraform commands to complete the installation.

Provision P0 Access

To provision access using the GCP shell:

  1. Open Cloud Shell Editor from the left menu, or use the search bar.

  2. Click Open Terminal. This is where you’ll enter your shell commands.

  3. If your browser is logged into multiple Google accounts, enter the command gcloud config set account email@email.com, and replace email@email.com with your account email.

  4. Use the copy button to copy the entire Shell command set.

  5. Paste the commands into the terminal window and press Return.

  1. Return to the configuration page and click Next to begin the installation process.

  2. When the installation completes, click Finish.

  3. (Optional) We recommend that you secure your installation. If you haven’t enabled a domain restriction for your project, you’ll see the following warning message at the top of the Google Cloud page:

Congratulations! You're now set up with P0 on Google Cloud.

Run the command gcloud organizations list in the .

Go to in your browser, navigate to Integrations, and select Google Cloud.

You can provision P0 IAM management Access using or Terraform. For this example, we’ll use the GCP console shell.

You must have access to your project for it to appear in your GCP account. Refer to the for more info.

Go to your and select the project you want to provision.

If an Authorize window appears, click Authorize to grant permission.

πŸ”‘
☁️
Google Cloud Console Shell
p0.app
Google Cloud Console Shell
GCP account
Kubernetes integration
p0.app
Prerequisites
Set up Google Cloud Integration
Set up your Organization
Install a Component
Provision P0 Access
Prerequisites