Google Cloud Integration

Configuring Google Cloud Storage as Destination

Realm Security supports integration with Google Cloud Storage as a destination. This guide provides instructions for configuring Google Cloud Storage to receive data from Realm.

Step 1: Create GCS Bucket

1. Login to the GCS console.
2. Navigate to Cloud Storage > Buckets > Create Bucket.

3. Enter a name for the bucket, for example: Realm-Archive.
4. Select Standard storage.
5. Click Create.

6. Review the bucket configuration.

Step 2: Create a Service Account

1. Go to IAM > Service Accounts.
2. Click Create Service Account.

3. Enter a name for the service account:

   Name: realm-archive-account

4. Click Create and Continue.
5. Grant permission to write to the bucket:
   • Add role > Cloud Storage > Storage Object Creator

6. Add an IAM condition to restrict access to just one bucket:

resource.service == "storage.googleapis.com" &&
resource.name.startsWith("projects/_/buckets/REPLACE_WITH_BUCKET_NAME")

7. Select the service account.

8. Go to Keys > Create Key > JSON.

9. Click Create. The service account key will be downloaded to your local machine. Open the key in a text editor, select all contents, and copy to clipboard.

Step 3: Create a Destination in Realm for GCS Archive

1. Navigate to Destinations > Add Destination.

   Name: ArchiveType: Data Lake

2. Under Destinations, select Add New Source.
   • Connect the relevant log source (e.g., FortiGate, Azure, etc.) to the destination.
3. Go to Output Feeds > Add Output Feed.
   • Choose GCS output feed.

   Name: GCS ArchiveBucket Name: Enter the name of the bucket created above Service Account Key: Paste the service account key copied earlier

Related Resources

• Setup GCS Service Account Key
• Setup GCS Workload Identity Federation