{"id":50779683,"url":"https://github.com/rad-security/terraform-google-rad-security-connect","last_synced_at":"2026-06-12T02:04:12.430Z","repository":{"id":266864983,"uuid":"899540524","full_name":"rad-security/terraform-google-rad-security-connect","owner":"rad-security","description":"A terraform module for allowing Rad Security to connect to your Google Cloud account.","archived":false,"fork":false,"pushed_at":"2026-05-26T20:58:29.000Z","size":19,"stargazers_count":0,"open_issues_count":1,"forks_count":1,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-05-26T22:23:28.757Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rad-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-12-06T13:32:39.000Z","updated_at":"2026-04-21T10:22:52.000Z","dependencies_parsed_at":"2024-12-06T16:39:35.245Z","dependency_job_id":"1fff1bb9-2eb4-46ce-9486-e784603d17b1","html_url":"https://github.com/rad-security/terraform-google-rad-security-connect","commit_stats":null,"previous_names":["rad-security/terraform-google-rad-security-connect"],"tags_count":4,"template":false,"template_full_name":null,"purl":"pkg:github/rad-security/terraform-google-rad-security-connect","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fterraform-google-rad-security-connect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fterraform-google-rad-security-connect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fterraform-google-rad-security-connect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fterraform-google-rad-security-connect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rad-security","download_url":"https://codeload.github.com/rad-security/terraform-google-rad-security-connect/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rad-security%2Fterraform-google-rad-security-connect/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34225366,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-12T02:00:06.859Z","response_time":109,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-06-12T02:04:11.602Z","updated_at":"2026-06-12T02:04:12.396Z","avatar_url":"https://github.com/rad-security.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-google-rad-security-connect\n\nA Terraform module that establishes secure connectivity between your Google Cloud project and RAD Security's platform for cloud resource discovery and monitoring.\n\n## Overview\n\nThis module creates and configures the necessary IAM roles and permissions to allow Rad Security to securely discover and monitor resources within your Google Cloud project. It utilizes Google Cloud's Workload Identity Federation to authenticate to your Google Cloud project without the need for creating static credentials.\n\n## Installation\n\nTo use this module, add the following to your Terraform configuration:\n\n```hcl\nterraform {\n  required_providers {\n    google = {\n      source  = \"hashicorp/google\"\n      version = \"\u003e= 4.0.0\"\n    }\n    rad-security = {\n      source  = \"rad-security/rad-security\"\n      version = \"\u003e= 1.1.6\"\n    }\n  }\n}\n\nprovider \"rad-security\" {\n  access_key_id        = \"YOUR_RAD_ACCESS_KEY_ID\"\n  secret_key           = \"YOUR_RAD_SECRET_KEY\"\n}\n\nprovider \"google\" {\n   // Your Google Cloud Terraform Provider configuration here\n}\n```\n\n## Features\n\n- Creates a custom IAM role with least-privilege permissions for cloud resource discovery\n- Sets up Workload Identity Federation for secure cross-cloud authentication\n- Configures service accounts and necessary bindings\n- Registers your Google Cloud project with RAD Security's platform\n\n## Important Notes\n\n- This module currently supports project-level access only\n- Organization-level support is not yet implemented\n- Uses AWS as the identity provider for Workload Identity Federation\n\n## How It Works\n\n1. Creates a custom IAM role with read-only permissions required for Google Cloud resource discovery.\n2. Sets up a Workload Identity Pool and Provider to authenticate RAD Security's AWS role for authentication.\n3. Creates a dedicated service account in the target Google Cloud project for RAD Security.\n4. Configures necessary IAM bindings between the service account and Workload Identity Pool\n5. Registers your Google Cloud project with RAD Security's platform\n\n## Configuration Options\n\n### Required Configuration\n- Configure your Google Cloud provider authentication\n- Ensure the necessary Google Cloud APIs are enabled:\n  - IAM API\n  - Cloud Resource Manager API\n  - Security Token Service API\n\n### Optional Parameters\n| Parameter | Description | Default |\n|-----------|-------------|---------|\n| gcp_project_name | Your GCP project name | Current project |\n| gcp_project_number | Your GCP project number | Current project |\n| aws_account_id | RAD Security's AWS account ID | 652031173150 |\n| aws_role_name | RAD Security's AWS Role Name | rad-security-connector |\n\n## Usage Examples\n\n### Basic Usage\n```hcl\nmodule \"rad_security_connect\" {\n  source = \"rad-security/rad-security-connect/google\"\n}\n```\n\n### Custom Project Configuration\n```hcl\nmodule \"rad_security_connect\" {\n  source             = \"rad-security/rad-security-connect/google\"\n  gcp_project_name   = \"my-production-project\"\n  gcp_project_number = \"123456789012\"\n}\n```\n\n\u003c!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n## Requirements\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 1.0.8 |\n| \u003ca name=\"requirement_rad-security\"\u003e\u003c/a\u003e [rad-security](#requirement\\_rad-security) | \u003e= 1.1.6 |\n\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_google\"\u003e\u003c/a\u003e [google](#provider\\_google) | n/a |\n| \u003ca name=\"provider_rad-security\"\u003e\u003c/a\u003e [rad-security](#provider\\_rad-security) | \u003e= 1.1.6 |\n\n## Modules\n\nNo modules.\n\n## Resources\n\n| Name | Type |\n|------|------|\n| [google_iam_workload_identity_pool.rad_security_identity_pool](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/iam_workload_identity_pool) | resource |\n| [google_iam_workload_identity_pool_provider.rad_aws_provider](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/iam_workload_identity_pool_provider) | resource |\n| [google_project_iam_binding.rad_cloud_connect_access](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_binding) | resource |\n| [google_project_iam_custom_role.rad_cloud_connect](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/project_iam_custom_role) | resource |\n| [google_service_account.rad_cloud_connect](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account) | resource |\n| [google_service_account_iam_binding.rad_workload_identity_user](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_account_iam_binding) | resource |\n| [rad-security_google_cloud_register.this](https://registry.terraform.io/providers/rad-security/rad-security/latest/docs/resources/google_cloud_register) | resource |\n| [google_project.current](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/project) | data source |\n\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_aws_account_id\"\u003e\u003c/a\u003e [aws\\_account\\_id](#input\\_aws\\_account\\_id) | RAD Security's AWS account ID to authenticate with your Google Cloud project | `string` | `\"955322216602\"` | no |\n| \u003ca name=\"input_aws_role_name\"\u003e\u003c/a\u003e [aws\\_role\\_name](#input\\_aws\\_role\\_name) | RAD Security's AWS Role Name to authenticate with your Google Cloud project | `string` | `\"rad-security-connector\"` | no |\n| \u003ca name=\"input_gcp_project_name\"\u003e\u003c/a\u003e [gcp\\_project\\_name](#input\\_gcp\\_project\\_name) | GCP project name (optional - will use current project name if not specified) | `string` | `null` | no |\n| \u003ca name=\"input_gcp_project_number\"\u003e\u003c/a\u003e [gcp\\_project\\_number](#input\\_gcp\\_project\\_number) | GCP project number (optional - will use current project number if not specified) | `string` | `null` | no |\n\n## Outputs\n\nNo outputs.\n\u003c!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frad-security%2Fterraform-google-rad-security-connect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frad-security%2Fterraform-google-rad-security-connect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frad-security%2Fterraform-google-rad-security-connect/lists"}