Links

Google Cloud Platform

GCP (Google Cloud Platform) is a cloud computing platform provided by Google. Resmo can connect to a GCP account to collect configuration data from various GCP resources, including Compute Engine instances, Cloud Storage buckets, VPC firewall rules, and IAM users. Resmo can help users monitor the configuration of their GCP resources, detect security issues, and ensure best practices are followed.
With Resmo's SQL queries, users can ask complex questions about their GCP configuration data. For example:
  • Which Compute Engine instances are exposed to the internet?
  • Which Cloud Storage buckets are publicly accessible?
  • Which VPC firewall rules allow traffic from all IP addresses?
  • Which IAM users have not logged in within the last 90 days?
  • Which databases are not encrypted?
Users can also set alarms to receive notifications when critical changes occur in their GCP resources. For example:
  • Receive an alert when a new Compute Engine instance is created.
  • Receive an alert when a VPC firewall rule's configuration is changed.
  • Receive an alert when a Cloud Storage bucket's permissions are changed.
  • Receive an alert when a new IAM user is created.
  • Receive an alert when a database's encryption status changes.
Resources
Key
Supports Events
API Gateway API
​gcp_apigateway_api​
​
API Gateway API Config
​
API Gateway Gateway
​
AppEngine Application
​
AppEngine Instance
​
AppEngine Service
​
AppEngine Version
​
BigQuery Dataset
​
BigQuery Model
​gcp_bigquery_model​
​
BigQuery Table
​gcp_bigquery_table​
​
BigTable Application Profile
​
BigTable Backup
​
BigTable Cluster
​
BigTable Instance
​
BigTable Table
​gcp_bigtable_table​
​
Function
​gcp_cloud_function​
​
Cloud Storage Bucket
✓
Compute Backend Bucket
​
Compute Backend Service
​
Compute Disk
​gcp_compute_disk​
​
Compute Health Check
​
Compute Instance
✓
Compute Instance Group
​
Compute LoadBalancer
​
Compute Project
​
Compute Snapshot
​
Compute SSL Policy
​
Compute Target HttpProxy
​
Compute Target HttpsProxy
​
Compute Target SSLProxy
​
DNS Managed Zone
​
DNS Policy
​gcp_dns_policy​
​
DNS Record Set
​gcp_dns_record_set​
​
GKE Cluster
​gcp_gke_cluster​
✓
IAM Policy
​gcp_iam_policy​
​
IAM Role
​gcp_iam_role​
​
IAM Service Account
​
IAM Service Account Key
​
KMS Crypto Key
​gcp_kms_crypto_key​
​
KMS Keyring
​gcp_kms_keyring​
​
Logging Metric
​gcp_logging_metric​
​
Logging Sink
​gcp_logging_sink​
​
Memcache Instance
​
Monitoring Alert Policy
​
GCP Organization
​gcp_organization​
​
GCP Project
​gcp_project​
​
GCP Project Service
​
PUB/SUB Subscription
✓
PUB/SUB Topic
​gcp_pubsub_topic​
✓
Redis Instance
​gcp_redis_instance​
​
GCP Region
​gcp_region​
​
Spanner Database
​
Spanner Instance
​
Spanner Instance Config
​
SQL Backup
​gcp_sql_backup​
​
SQL Database
​gcp_sql_database​
​
SQL Instance
​gcp_sql_instance​
​
VPC Address
​gcp_vpc_address​
​
VPC Firewall
​gcp_vpc_firewall​
✓
VPC Forwarding Rule
​
VPC Network
​gcp_vpc_network​
✓
VPC Subnet
​gcp_vpc_subnet​
✓