Welcome to the Netskope One DSPM Knowledge Base

You will find your answers here!

    Sorry, we didn't find any relevant articles for you.

    Send us your queries using the form below and we will get back to you with a solution.

    Publishing to Google Pub/Sub

    Table of Contents

    Configure the Google Service Account Publishing to Different Projects Step A: Retrieve Principal Identifier from Source Project Step B: Configure Pub/Sub Topics in Destination Project

    These instructions assume you have already created the Netskope One DSPM-specific service account within your GCP Project.  For more details, please review Step 1 of our Setup Needed to Onboard GCP Projects article.

    If you would like the Netskope One DSPM platform to send JSON notifications via Google Pub/Sub, follow these steps to further configure the Netskope One DSPM-specific service account.

    Netskope One DSPM supports sending JSON notifications via Google Pub/Sub, either within the same GCP project or between different GCP projects.  This requires granting additional permissions to the Netskope One DSPM-specific service account in GCP.  Please follow the steps below to create the necessary configurations within the GCP console.

    Configure the Google Service Account

    1. Click this link to log into your GCP IAM Console, which will navigate you to IAM & Admin.
    2. In the header, ensure you are in the context of the GCP Project you wish to use for publishing messages.
    3. Under the PERMISSIONS tab, find the Netskope One DSPM-specific service account and click its pencil icon (circled below).
    4. On the slide-out panel, configure the service account's access by granting the following additional GCP IAM role: (more information about GCP's Pub/Sub roles is available here)
      1. Pub/Sub Editor
    5. Click the SAVE button.
       

    Publishing to Different Projects

    In some cases, the GCP Pub/Sub Topic you wish to receive JSON notifications resides within a different GCP project than the one used by your Netskope One DSPM instance.  Please follow the steps below to configure the destination GCP project's Pub/Sub Topic.

    Step A: Retrieve Principal Identifier from Source Project

    1. Click this link to log into your GCP IAM Console, which will navigate you to IAM & Admin.
    2. In the header, ensure you are in the context of the GCP Project you wish to use for publishing messages.
    3. Under the PERMISSIONS tab, find the Netskope One DSPM-specific service account and copy its principal value (circled below):

    Step B: Configure Pub/Sub Topics in Destination Project

    1. Click this link to log into your GCP Pub/Sub Console, which will navigate you to the Topics list.
    2. If necessary, switch to the GCP Project which will contain the destination GCP Pub/Sub Topic.
    3. For each GCP Pub/Sub Topic you wish to receive Netskope One DSPM notifications:
      1. Mark their checkbox in the Topics list
      2. In the side-panel, under the PERMISSIONS tab, click the ADD PRINCIPAL button.
      3. On the next screen, complete the following fields:
        1. New principals: paste the principal value copied during Step A above
        2. Role: configure the principal's access by granting the following GCP IAM role: (more information about GCP's Pub/Sub roles is available here)
          1. Pub/Sub Publisher
    4. Click the SAVE button.

    Was this article helpful?

    Still can't find what you are looking for?

    Contact Netskope Technical Support