Privacera Documentation

Set up Discovery on GCP for Privacera Platform

This topic describes how to set up the GCP configuration for installing Privacera Discovery in a Docker or Kubernetes environment.

Prerequisites for setting up Discovery on GCP

Ensure the following prerequisites are met:

  • Create a service account and add the following roles. For more information, refer to Creating a new service account.

    • Editor

    • Owner

    • Private Logs Viewer

    • Kubernetes Engine Admin (Required only for a Kubernetes environment)

  • Create a Bigtable instance and get the Bigtable Instance ID. For more information, refer to Creating a Cloud Bigtable instance.
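A check for the role prerequisites above, as an added example (not Privacera's own code): it reads a project IAM policy exported with `gcloud projects get-iam-policy` and reports which of the listed roles the service account is missing, holds only through a conditional binding, or holds beyond the list. It assumes the roles are granted at project level; the account name, project name and sample policy are constructed.

```python
import json

# Role IDs for the role titles listed in the prerequisites.
REQUIRED_ROLES = {
    "roles/editor": "Editor",
    "roles/owner": "Owner",
    "roles/logging.privateLogViewer": "Private Logs Viewer",
}
K8S_ROLE = {"roles/container.admin": "Kubernetes Engine Admin"}
BASIC_ROLES = {"roles/owner", "roles/editor", "roles/viewer"}


def audit_service_account(policy, sa_email, kubernetes=False):
    """policy: parsed `gcloud projects get-iam-policy PROJECT_ID --format=json`."""
    member = f"serviceAccount:{sa_email}"
    required = dict(REQUIRED_ROLES, **(K8S_ROLE if kubernetes else {}))
    granted, conditional = set(), set()
    for binding in policy.get("bindings", []):
        if member not in binding.get("members", []):
            continue
        # A conditional binding applies only while its expression holds,
        # so it is reported separately instead of counted as granted.
        if binding.get("condition"):
            conditional.add(binding["role"])
        else:
            granted.add(binding["role"])
    return {
        "missing": sorted(required[r] for r in required if r not in granted),
        "conditional": sorted(conditional),
        "basic": sorted(granted & BASIC_ROLES),
        "extra": sorted(granted - set(required)),
    }


# Constructed sample input; the names below are placeholders.
SAMPLE_SA = "discovery-sa@example-project.iam.gserviceaccount.com"
_M = "serviceAccount:" + SAMPLE_SA
SAMPLE_POLICY = {"version": 3, "bindings": [
    {"role": "roles/editor", "members": [_M]},
    {"role": "roles/owner", "members": ["user:admin@example.com", _M]},
    {"role": "roles/container.admin", "members": [_M],
     "condition": {"title": "temporary", "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
    {"role": "roles/storage.admin", "members": [_M]},
]}

if __name__ == "__main__":
    report = audit_service_account(SAMPLE_POLICY, SAMPLE_SA, kubernetes=True)
    print(json.dumps(report, indent=2))
```

Owner and Editor are project-wide basic roles, so the `basic` list shows how broad the account's access is once the prerequisites are met.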

CLI configuration for Discovery on GCP

  1. SSH to the instance where Privacera is installed.

  2. Run the following commands.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.discovery.gcp.yml config/custom-vars/
    vi config/custom-vars/vars.discovery.gcp.yml
    
  3. Edit the following properties. For property details and descriptions, refer to Configuration properties for Discovery on GCP below.

    BIGTABLE_INSTANCE_ID: "<PLEASE_CHANGE>"
    DISCOVERY_BUCKET_NAME: "<PLEASE_CHANGE>"
    
  4. (Optional) To customize the Discovery configuration further, you can add custom Discovery properties. For more information, refer to Set custom Discovery properties on Privacera Platform.

    For example, by default, the username and password for the Discovery service are padmin/padmin. If you choose to change them, refer to Add custom properties using Privacera Manager on Privacera Platform.

  5. For real-time scanning, run the following.

    cd ~/privacera/privacera-manager
    cp config/sample-vars/vars.pkafka.gcp.yml config/custom-vars/
    

    Note

    • Recommended: Use the Google Sink based approach to enable real-time scanning of applications on different projects.

    • Optional: Use the Google Logging API based approach to enable real-time scanning of applications on different projects.

  6. Run the following commands.

    cd ~/privacera/privacera-manager
    ./privacera-manager.sh update
    

Configuration properties for Discovery on GCP

| Property | Description | Example |
|---|---|---|
| BIGTABLE_INSTANCE_ID | Navigate to Navigation Menu > Databases > Bigtable and check the instance ID column. | BIGTABLE_INSTANCE_ID: "table_1" |
| DISCOVERY_BUCKET_NAME | Name of the bucket where Discovery will store its metadata files. | DISCOVERY_BUCKET_NAME: "bucket_1" |