DocumentationAPI ExplorerRecipesCommunityChangelogRSSSubscribe
Changelog
Back to All
improved

Vulnerability Management: Google Cloud Platform Workload Identity Federation Connector

2 days ago by Lance Duvall

Tenable has updated the cloud connector API to add support for Google Cloud Platform (GCP) connectors with Workload Identity Federation (WIF) authentication. This enables customers to authenticate with GCP via WIF instead of managing service account keys when creating GCP connectors. A GCP connector is used to discover Google Cloud Platform assets and import them to Tenable Vulnerability Management.

For more information, see Create a GCP Connector with Workload Identity Federation Authentication in the Tenable Vulnerability Management User Guide and Workload Identity Federation in the Google Cloud Platform documentation.

This update affects the following endpoints:

EndpointNameDescription
POST /settings/connectorsCreate connectorCreates a Tenable Vulnerability Management cloud connector.
PUT /settings/connectors/{connector_id}Update connectorUpdates the specified connector. You can change the connector name, associated service accounts, and schedule. You cannot change the connector type for an existing connector.

Example

For example, to create a GCP cloud connector with Workload Identity Federation authentication, you could use a cURL request like the following:

curl --request POST \
     --url https://cloud.tenable.com/settings/connectors \
     --header 'X-ApiKeys: accessKey=<YOURKEY>;secretKey=<YOURKEY>' \
     --header 'accept: application/json' \
     --header 'content-type: application/json' \
     --data '
{
  "connector": {
    "name": "My GCP WIF Connector",
    "type": "gcp_keyless",
    "schedule": {
      "units": "days",
      "value": 1
    },
    "params": {
      "credentials_config": "bwogICJ1bml2ZXJzZV9kb21haW4iOiAiZ29vZ23lYXBpcy5jb20iLAogICJ0eXBlIjogImV4dGVybmFsX2FjY291bnQiLAogICJhdWRpZW5jZSI6ICIvL2lhbS5nb29nbGVhcGlzLmNvbS9wcm9qZWN0cy8zMDE5MjI5OTk3NDYvbG9jYXRpb25zL2dsb2JhbC93b3JrbG9hZElkZW50aXR5UG9vbHMvYmhvbGxvd2VkLXdpZi10ZXN0LXBvb2wvcHJvdmlkZXJzL2Job2xsb3dlZC13aWYtdGVzdC1wcm92aWRlciIsCiAgInN1YmplY3RfdG9rZW5fdHlwZSI6ICJ1cm46aWV0ZjpwYXJhbXM6YXdzOnRva2VuLXR5cGU6YXdzNF9yZXF1ZXN0IiwKICAic2VydmljZV9hY2NvdW50X2ltcGVyc29uYXRpb25fdXJsIjogImh0dHBzOi8vaWFtY3JlZGVudGlhbHMuZ29vZ2xlYXBpcy5jb20vdjEvcHJvamVjdHMvLS9zZXJ2aWNlQWNjb3VudHMvYmhvbGxvd2VkLXdpZi10ZXN0QGNjai1wcm9qZWN0LTEyMzQuaWFtLmdzZXJ2aWNlYWNjb3VudC5jb206Z2VuZXJhdGVBY2Nlc3NUb2tlbiIsCiAgInRva2VuX3VybCI6ICJodHRwczovL3N0cy5nb29nbGVhcGlzLmNvbS92MS90b2tlbiIsCiAgImNyZWRlbnRpYWxfc291cmNlIjogewogICAgImVudmlyb25tZW50X2lkIjogImF3czEiLAogICAgInJlZ2lvbl91cmwiOiAiaHR0cDovLzE2OS4yNTQuMTY5LjI1NC9sYXRlc3QvbWV0YS1kYXRhL3BsYWNlbWVudC9hdmFpbGFiaWxpdHktem9uZSIsCiAgICAidXJsIjogImh0dHA6Ly8xNjkuMjU0LjE2OS4yNTQvbGF0ZXN0L21ldGEtZGF0YS9pYW0vc2VjdXJpdHktY3JlZGVudGlhbHMiLAogICAgInJlZ2lvbmFsX2NyZWRfdmVyaWZpY2F0aW9uX3VybCI6ICJodHRwczovL3N0cy57cmVnaW9ufS5hbWF6b25hd3MuY29tP0FjdGlvbj1HZXRDYWxsZXJJZGVudGl0eSZWZXJzaW9uPTIwMTEtMDYtMTUiCiAgfQv4"
    }
  }
}
'