GCP Recommendation Actions
This page has moved
For up-to-date information about GCP Configuration options, go to GCP Additional Configuration.
If properly configured, InsightCloudSec can harvest GCP Recommendations as a resource (found under Identity & Management on the Resources page). Supported Recommendation subtypes (see below) can be acted upon from within InsightCloudSec, with the results/resolution being propagated to GCP for easier principal management. InsightCloudSec supports applying recommendations for both Organizations and Projects.
Currently supported Recommender subtypes are:
Before you can apply recommendations in InsightCloudSec, you'll need the following:
- Permissions to view, apply, and dismiss recommendations in GCP. The required permissions should be added to the InsightCloudSec role you created during GCP - Onboarding. Review GCP's Recommendations documentation for more information.
- Domain Admin permissions within InsightCloudSec
Using GCP Recommendation Actions
After the InsightCloudSec role associated with the GCP Project/Organization has appropriate permissions, you can apply recommendations from the Resources page.
- Login to InsightCloudSec and go to Resource > Resources.
- Click Identity & Management, then click Recommendation.
- (Optional) To open the properties for the resource, click the hyperlink in the Affected Resource Name column.
- Click the Resource Properties icon for the Recommendation you want to address
- Ensure the Subtype column contains a supported subtype.
- Click Actions, then click Apply recommendation.
- Click Submit to confirm the application.
This will propagate the change to the relevant GCP account, and the recommendation will be accepted. The relevant changes will be made based on that recommendation for that Principal.