Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 12. Integrating with Google Cloud Security Command Center


If you are using Google Cloud Security Command Center (Cloud SCC), you can forward alerts from Red Hat Advanced Cluster Security for Kubernetes to Cloud SCC. This guide explains how to integrate Red Hat Advanced Cluster Security for Kubernetes with Cloud SCC.

The following steps represent a high-level workflow for integrating Red Hat Advanced Cluster Security for Kubernetes with Cloud SCC.

  1. Register a new security source with Google Cloud.
  2. Provide the source ID and service account key to Red Hat Advanced Cluster Security for Kubernetes.
  3. Identify the policies you want to send notifications for, and update the notification settings for those policies.

12.1. Configuring Google Cloud SCC

Start by adding Red Hat Advanced Cluster Security for Kubernetes as a trusted Cloud SCC source.

Procedure

  1. Follow the Adding vulnerability and threat sources to Cloud Security Command Center guide and add Red Hat Advanced Cluster Security for Kubernetes as a trusted Cloud SCC source. Make a note of the Source ID that Google Cloud creates for your Red Hat Advanced Cluster Security for Kubernetes integration. If you do not see a source ID after registering, you can find it on the Cloud SCC Security Sources page.
  2. Create a key for the service account you created, or the existing account you used, in the previous step. See Google Cloud’s guide to creating and managing service account keys for details.

12.2. Configuring Red Hat Advanced Cluster Security for Kubernetes for integrating with Google Cloud SCC

You can create a new Google Cloud SCC integration in Red Hat Advanced Cluster Security for Kubernetes by using the source ID and a Google service account.

Prerequisites

Procedure

  1. In the RHACS portal, go to Platform Configuration Integrations.
  2. Scroll down to the Notifier Integrations section and select Google Cloud SCC.
  3. Click New Integration (add icon).
  4. Enter a name for Integration Name.
  5. Enter the Cloud SCC Source ID.
  6. When using a workload identity, check Use workload identity. Otherwise, enter the contents of your service account key file into the Service account key (JSON) field.
  7. Select Create to generate the configuration.

12.3. Configuring policy notifications

Enable alert notifications for system policies.

Procedure

  1. In the RHACS portal, go to Platform Configuration Policy Management.
  2. Select one or more policies for which you want to send alerts.
  3. Under Bulk actions, select Enable notification.
  4. In the Enable notification window, select the Google Cloud SCC notifier.

    Note

    If you have not configured any other integrations, the system displays a message that no notifiers are configured.

  5. Click Enable.
Note
  • Red Hat Advanced Cluster Security for Kubernetes sends notifications on an opt-in basis. To receive notifications, you must first assign a notifier to the policy.
  • Notifications are only sent once for a given alert. If you have assigned a notifier to a policy, you will not receive a notification unless a violation generates a new alert.
  • Red Hat Advanced Cluster Security for Kubernetes creates a new alert for the following scenarios:

    • A policy violation occurs for the first time in a deployment.
    • A runtime-phase policy violation occurs in a deployment after you resolved the previous runtime alert for a policy in that deployment.
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.