Help Center
Go back to application
Help Center
Go back to application
Platform Terms Glossary
Task Management
Task Management explained Creating Tasks Setting up Task NotificationsGiving permissions to team members
Organization
Working together in KertosInviting UsersCreating rolesAssigning System AccessCreating Departments and Assigning Users
Integrations
Discovery
Tasks
Device Management
Human Resource Information Systems
Inventory
Inventorization of vendorsInventorization of systemsInventorization of assetsEU AI Act: Inventorization of AI use cases
Risks
Managing risksApplying controls to risks
Trust Center
Setting up your trust center
Incidents
Reporting incidents
KAIA
KAIA explainedPrinciples of AI at Kertos
Interacting with KAIA
Compliance
Frameworks explainedManaging & implementing controlsCreating & managing policiesCompleting & assigning trainings
Privacy Management
Creating a RoPACreating TOMsCreating DPIAs
Data Subject Requests
API Reference
Ingress API Docs for DSRs Webhook API Docs for DSRs
Auto Checks
Auto Checks explainedAuto Checks: AWS Auto Checks: GCPAuto Checks: AzureAuto Checks Integration Guide for AzureAuto Checks Integration Guide for GCP
AWS Auto Checks Detailed Explanations

Auto Checks Integration Guide for GCP

This guide is for users who have already integrated GCP with Kertos and now want to reconfigure their setup to enable the Auto Checks feature.

Important:
You must have admin rights in your Google Cloud environment to complete the setup.
Without sufficient permissions, you won’t be able to assign the necessary roles, enable APIs, or create service accounts.

Why reconfigure?
Since the launch of the Auto Checks feature on June 10th, 2025, Kertos requires additional permissions in your GCP environment.
These permissions go beyond the original GCP integration setup. Without them, Auto Checks cannot scan and validate your cloud configurations against ISO 27001 controls.

First Time Setting Up GCP Integration?

If you haven't yet integrated GCP with Kertos, follow our full step-by-step onboarding guide here:
https://docs.kertos.io/en/article/discovery-setup-gcp 

Permissions Required

To enable Auto Checks, follow these steps to create a service account with the correct roles and generate a new key file:

Step 1: Enable Required APIs

  1. Go to Google Cloud Console and log in with admin access
  2. Select your project from the top bar
  3. Navigate to APIs & Services → Library
  4. Enable the following APIs:
  5. Cloud Resource Manager API
  6. Cloud Asset API
  7. Compute Engine API
  8. Cloud SQL Admin API

Step 2: Create Service Account and Assign Roles

  1. Navigate to IAM & Admin → Service Accounts
  2. Click Create Service Account
  3. Name it (e.g., Kertos Discovery) and click Create and Continue
  4. Assign the following roles:
  5. Viewer
  6. Cloud Asset Viewer
  7. Service Usage Consumer
  8. Security Reviewer
  9. Click ContinueDone

Step 3: Generate Key for Service Account

  1. In the Service Accounts list, locate your new service account
  2. Open the Keys tab
  3. Click Add Key → Create new key
  4. Choose JSON format → Click Create
  5. Save the key file securely — it will be needed to complete setup in Kertos

Once this is complete, make sure to toggle "Enable Auto Checks" ON and run a sync in Kertos.

 

Was this article helpful?

Powered by Product Fruits