Overview
Integrating with Google Cloud Platform allows Bridgecrew to perform scans using read-only API calls. This integration is done using a Terraform template.
Prerequisites
Before you start this integration, make sure you have:
- A valid GCP credentials file
- Terraform version 0.12 installed
- The curl command-line tool (installed on the same instance running Terraform)
You can use the output of terraform plan to view details of the resources before they are created. The resources that will be created as part of this integration are:
- Google project service
- Service account with the viewer role
- Service account credential
- Notification to Bridgecrew for the integration
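One way to check a saved plan against this list before applying, as an added example that is not Bridgecrew's own code: the Python script below reads the JSON form of a plan and reports any action other than create, any resource type outside the expected set, and any IAM role other than the viewer role. The function name review_plan, the resource type names, the roles/viewer identifier and the sample plan are assumptions constructed for illustration; the module's actual resource types may differ.

```python
import json

# Assumed mapping from the page's resource list to Google provider resource
# types; the module's real types may differ, so adjust after a first plan.
EXPECTED_TYPES = {
    "google_project_service",      # Google project service
    "google_service_account",      # service account
    "google_service_account_key",  # service account credential
    "google_project_iam_member",   # viewer role grant
    "null_resource",               # notification to Bridgecrew (assumed)
}
IAM_TYPES = {"google_project_iam_member", "google_project_iam_binding"}
ALLOWED_ROLES = {"roles/viewer"}   # assumed identifier of the viewer role


def review_plan(plan):
    """Return a list of findings for a parsed `terraform show -json` plan."""
    findings = []
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if rc.get("mode") == "data" or actions == ["no-op"]:
            continue  # data sources and unchanged resources are not reviewed
        if actions != ["create"]:
            findings.append(f"{rc['address']}: unexpected actions {actions}")
        if rc["type"] not in EXPECTED_TYPES:
            findings.append(f"{rc['address']}: unexpected type {rc['type']}")
        after = rc["change"].get("after") or {}  # `after` is null on delete
        if rc["type"] in IAM_TYPES and after.get("role") not in ALLOWED_ROLES:
            findings.append(f"{rc['address']}: grants {after.get('role')}")
    return findings


# Constructed sample plan (not real module output): one expected viewer
# grant and one over-privileged grant that the review should flag.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.bridgecrew-read.google_service_account.sa",
   "type": "google_service_account",
   "change": {"actions": ["create"], "after": {"account_id": "example"}}},
  {"address": "module.bridgecrew-read.google_project_iam_member.viewer",
   "type": "google_project_iam_member",
   "change": {"actions": ["create"], "after": {"role": "roles/viewer"}}},
  {"address": "module.bridgecrew-read.google_project_iam_member.extra",
   "type": "google_project_iam_member",
   "change": {"actions": ["create"], "after": {"role": "roles/editor"}}}
]}
""")

if __name__ == "__main__":
    for finding in review_plan(SAMPLE_PLAN):
        print(finding)
```

To run it on a real plan, save one with terraform plan -out=tfplan, export it with terraform show -json tfplan, and pass the parsed JSON to review_plan.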
In Bridgecrew
- Under Integrations, press GCP Read Only and then Add Project.
- Copy the Terraform module code.
In Terraform
- Paste the module you copied into your Terraform file. If you are creating a new GCP-terraform deployment file, add a provider block with the name of your credentials file and project as shown below.
    provider "google" {
      credentials = file("credentials.json")
      project     = "my_project"
    }

    module "bridgecrew-read" {
      source           = "bridgecrewio/bridgecrew-gcp-read-only/google"
      org_name         = "my_org"
      bridgecrew_token = "b4667191-6e30-5489-bbb8-030c3f7772eb"
    }
Note
Do not change the values of source, org_name and bridgecrew_token.
- Run terraform init.
- Run terraform apply.
When the Terraform run is complete, the integration details will appear in Bridgecrew Cloud under Integrations > GCP Read Only.