GCP Security 🟠🔐

Google Cloud Platform security services and configuration.

Core Services

Service	Purpose
Security Command Center (SCC)	GCP’s CSPM — centralized security monitoring
Chronicle	Google’s SIEM + threat intel platform
Workload Identity Federation	OIDC/SAML-based access to GCP without keys
Cloud Armor	DDoS protection and WAF
Binary Authorization	Verify container images before deployment

Security Command Center (SCC)

GCP’s cloud-native CSPM. Activate at organization or project level.

# Enable SCC
gcloud services enable securitycenter.googleapis.com
 
# List findings
gcloud scc findings list --organization=<org-id> --severity=HIGH

tiers

SCC Standard — Free, basic findings
SCC Premium — Advanced threat detection, Threat Intelligence

Chronicle

GCP’s SIEM — designed for long-term log storage and threat hunting.

# Ingest logs via Chronicle ingestion
gcloud logging write syslog --severity=ERROR

Workload Identity Federation

Avoid service account keys — federate identity from AWS/Azure/K8s:

# AWS to GCP
gcloud iam workload-identity-pools create aws-pool \
  --organization=<org>
 
gcloud iam workload-identity-pools add-iam-policy-binding aws-pool \
  --member="principal://arn:aws:sts::123456789:assumed-role/MyRole"

cloudnative wiki

Explorer

GCP Security

GCP Security 🟠🔐

Core Services

Security Command Center (SCC)

tiers

Chronicle

Workload Identity Federation

Graph View

Table of Contents

Backlinks

cloudnative wiki

Explorer

GCP Security

GCP Security 🟠🔐

Core Services

Security Command Center (SCC)

tiers

Chronicle

Workload Identity Federation

Related

Graph View

Table of Contents

Backlinks