Create GCP Organization Connector

Enter a name and description (optional) for your connector.

Select applications that are applicable for the connector.  GCP connector can only be created in CloudView application.

Select Enable Remediation to enable remediation on the connector. You need to configure additional permissions before you enable remediation for GCP connectors.

Ensure that you have write access to the Google Cloud Platform project for which you enable remediation. 

Select a frequency at which the connector should poll the cloud provider and fetch data. The designated interval for the Org connector determines when it scans for new or deleted accounts. Choose any period under 24 hours as the interval to run the scan.

By default, the connector polling frequency is configured for every 4 hours. As a result, the connector connect with the cloud provider every 4 hours to fetch the data.

- Project ID: Enter your project ID.

You can provide a distinct project ID for a GCP connector. You can use same service account for multiple projects. As a result, you can create multiple GCP connectors with same service account but distinct project IDs. 

For detailed steps on using the same service account for multiple projects, see Assigning Service Account for Multiple Projects.

- Configuration File: Create a service account and download the configuration file from the GCP console and then upload it to Qualys Cloud Platform.

Note: Ensure that you have uploaded the configuration file with correct project details for the connector to successfully fetch resource details.

Click Test Connection to verify if the connector can successfully authenticate using the provided service account credentials in GCP cloud environment. If the test connection is successful, proceed with the connector creation process. If the test connection fails, you may need to check and update the authentication details (configuration file) you uploaded for the connection to work.

Note: The next steps are enabled only after the test connection is successful.

Select a frequency at which the org connector should poll the cloud provider and fetch data. The designated interval for the project connector determine when the connectors will be run. Choose any period under 24 hours as the interval to run the scan.

By default, the connector polling frequency is configured for every 4 hours. As a result, the connector connects with the cloud provider every 4 hours to fetch the data.

Enter the prefix that is added to the project account connector. This prefix shows which organization the member account connector is connected to.

Configure the organization connector. Here, you can select the Folders where project connectors are created for the accounts present under it. Select all GCP Folders, select specific Folders or exclude Folders.

All- Project connectors will be created for all the accounts under all the Folders.

Select OUs- Project connectors will be created for all the accounts under the selected Folders.

Exclude OUs- Project connectors will not be created for the accounts present under the excluded Folders.

The connector details for GCP Organization connectors also allows you to:

1) Automatically create connectors for new projects by selecting the 'Automatically create connectors for new projects' checkbox. 

2) Automatically disable connectors for the projects you delete by selecting 'Disable connectors for deleted projects' checkbox. 

The connector will automatically scan for these changes during the polling frequency interval. 

Assign tags to the connector that you are creating. You can also create a new tag. For details on creating new tags, see Configure Tags in Qualys CyberSecurity Asset Management documentation. 

Review the connector settings you configured and then click Create Connector.