Connect GCP Account with Blue Hexagon - Legacy

Owned by Andrew Nelson (Unlicensed)
Last updated: Nov 28, 2022 by Song Wrensch (Unlicensed)
1 min read

Step 1: Enable API

Login to the GCP account you wish to connect with Blue Hexagon and enable (e.g. via cloud shell) the following APIs.

gcloud services enable appengine.googleapis.com bigquery.googleapis.com cloudfunctions.googleapis.com cloudresourcemanager.googleapis.com cloudkms.googleapis.com compute.googleapis.com container.googleapis.com dataflow.googleapis.com dns.googleapis.com dataproc.googleapis.com iam.googleapis.com sqladmin.googleapis.com storage-component.googleapis.com recommender.googleapis.com monitoring.googleapis.com logging.googleapis.com serviceusage.googleapis.com 

Step 2: Create Service Account

Name the service account, e.g. bluehexagonsecurity

Grant the service account the following permissions:

  • Viewer

  • Security Reviewer

  • Storage Object Viewer

Step 3: Create and Export JSON Key File

Step 4: Register Keyfile

Use attached script (bh_gcp_registration.py) to register keyfile as follows:

python3 ./bh_gcp_registration.py -k keyfile.json -l <gcp saas license>

If you so wish, you can alternatively share the JSON key file with your Blue Hexagon representative, who will complete the registration for you.

Step 5: Scanning

Scanning will begin immediately once the account registration has been completed and results will show in the Blue Hexagon portal.

Blue Hexagon Proprietary