...

  • If you want to use Zilla-managed service account authentication, please reach out to the Zilla support team (support@zillasecurity.com) to get the service account email.

  • After getting the email, create a custom role for Zilla by running the command below in Cloud Shell.

    gcloud iam roles create zilla_security_role --organization=<your-org-id> --permissions=resourcemanager.organizations.get,resourcemanager.organizations.getIamPolicy,iam.roles.get,iam.roles.list,resourcemanager.projects.get,resourcemanager.projects.getIamPolicy,resourcemanager.projects.list,iam.serviceAccounts.list
  • Assign this role to the Zilla-managed service account by running the command below in Cloud Shell.

    gcloud organizations add-iam-policy-binding <your-org-id> --member serviceAccount:<zilla-managed-service-account-email> --role organizations/<your-org-id>/roles/zilla_security_role --condition=None
  • The private key and email of the service account will be set by the Zilla support team.

...

  • If you want to use your own service account to authenticate the integration, please create one under any of your projects and grant it the permissions below.

    resourcemanager.organizations.get
    resourcemanager.organizations.getIamPolicy
    iam.roles.get
    iam.roles.list
    resourcemanager.projects.get
    resourcemanager.projects.getIamPolicy
    resourcemanager.projects.list
    iam.serviceAccounts.list
  • The private key and email of the service account will be used in a later step.
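
To confirm that the role granted on either path (the `zilla_security_role` custom role, or the role given to your own service account) carries exactly the eight read-only permissions listed above and nothing more, a check like the following can be run in Cloud Shell. This is an added example, not part of Zilla's documentation; the function name, the variable names and the drifted sample are constructed for illustration.

```shell
#!/bin/sh
# Added example: report drift between a role's permissions and the eight
# read-only permissions this page lists for the Zilla integration.

# The permissions from the page, space separated.
ZILLA_EXPECTED="resourcemanager.organizations.get resourcemanager.organizations.getIamPolicy iam.roles.get iam.roles.list resourcemanager.projects.get resourcemanager.projects.getIamPolicy resourcemanager.projects.list iam.serviceAccounts.list"

# Constructed sample of a drifted role: iam.serviceAccounts.list is missing
# and a write permission (setIamPolicy) has been added.
ZILLA_SAMPLE_DRIFTED="resourcemanager.organizations.get;resourcemanager.organizations.getIamPolicy;iam.roles.get;iam.roles.list;resourcemanager.projects.get;resourcemanager.projects.getIamPolicy;resourcemanager.projects.list;resourcemanager.projects.setIamPolicy"

# audit_zilla_role PERMISSIONS
# PERMISSIONS may be separated by commas, semicolons, spaces or newlines.
# Prints one MISSING or EXTRA line per difference and returns 0 only when
# the role matches the documented set exactly.
audit_zilla_role() {
    actual=$(printf '%s' "$1" | tr ',;\n\t' '    ')
    rc=0
    for p in $ZILLA_EXPECTED; do
        case " $actual " in
            *" $p "*) ;;
            *) echo "MISSING $p"; rc=1 ;;
        esac
    done
    for p in $actual; do
        case " $ZILLA_EXPECTED " in
            *" $p "*) ;;
            *) echo "EXTRA $p"; rc=1 ;;
        esac
    done
    return $rc
}

# Against a live role (replace the placeholder with your organization id):
#   audit_zilla_role "$(gcloud iam roles describe zilla_security_role \
#       --organization=<your-org-id> --format='value(includedPermissions)')"

# Demo on the constructed sample.
audit_zilla_role "$ZILLA_SAMPLE_DRIFTED" || echo "role differs from the documented permission set"
```

Any EXTRA line means the integration holds more access than this page asks for; any MISSING line means a permission the page lists was not granted.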

...