To use FortiCWP with Google Cloud Platform, you must have a Google Workspace account, service account, and the JSON private key associated with the service account.
The service account must have “Domain-wide Delegation” enabled and Project Owner/Organization Administrator roles for monitoring.
Your Google Workspace account can be either an existing account or a new account. If you have just created a new account, you must wait for at least 24 hours for the account to take effect before granting it access to FortiCWP.
The Google Workspace account to be added to FortiCWP requires a Super Admin Role or Custom User Role (recommended) assigned.
It is recommended to create a user within the Google Workspace account, assign it with the Custom User Role, then add the account to FortiCWP.
- Configure Google Workspace Account
- Configure OAuth Consent Screen
- Configure Service Account
- Grant Service Account API Access
- Grant Service Account and Organization Roles
- Enable required APIs
- Enable activity and alert monitoring
- Add Google Cloud Account
There are two steps that require Google Workspace Account with Super Admin role to be completed:
The user account that will be added to FortiCWP will not be able to perform the two configurations above.