Google Cloud Platform (GCP)

May 24, 2026

Connect Google Cloud to automatically collect evidence from your GCP infrastructure for compliance frameworks.

What is Google Cloud Platform?

Google Cloud Platform (GCP) is Google's suite of cloud services. If your organization runs infrastructure, data pipelines, or workloads on GCP, this integration allows Imara to automatically monitor your cloud environment and collect the evidence auditors need.

What Imara collects from GCP

  • IAM policies — who has access to which GCP projects and resources
  • Service account usage and key rotation status
  • Cloud Storage bucket configurations — public access and encryption settings
  • Cloud Audit Logs status and retention configuration
  • Compute Engine instance configurations

Required GCP permissions

Imara requires a GCP Service Account with the following roles:

  • Security Reviewer (roles/iam.securityReviewer) — read access to IAM policies and security configurations
  • Viewer (roles/viewer) — read-only access to resource configurations

These roles are read-only. Imara never writes to or modifies your GCP environment.

How to connect

  1. In Imara, go to Integrations and select Google Cloud Platform.
  2. Click Connect to start the setup flow.
  3. In your GCP console, create a Service Account in the target project and assign the required roles.
  4. Generate a JSON key for the Service Account.
  5. Upload the JSON key in the Imara setup dialog and click Connect.

Frameworks supported

SOC 2, ISO 27001, NIST CSF, NIST 800-53, PCI DSS.

What to expect

After connecting, Imara performs an initial scan of your GCP environment and maps findings to controls in your active frameworks. Ongoing syncs keep evidence up to date, and alerts notify your team when configuration drift is detected.