diff --git a/docs/tutorials/img/gcp-auth-methods.png b/docs/tutorials/img/gcp-auth-methods.png new file mode 100644 index 0000000000..dc8681396e Binary files /dev/null and b/docs/tutorials/img/gcp-auth-methods.png differ diff --git a/docs/tutorials/img/gcp-service-account-creds.png b/docs/tutorials/img/gcp-service-account-creds.png new file mode 100644 index 0000000000..af09776ab1 Binary files /dev/null and b/docs/tutorials/img/gcp-service-account-creds.png differ diff --git a/docs/tutorials/prowler-app.md b/docs/tutorials/prowler-app.md index 0137689147..6234fe7338 100644 --- a/docs/tutorials/prowler-app.md +++ b/docs/tutorials/prowler-app.md @@ -101,7 +101,26 @@ For Azure, Prowler App uses a service principal application to authenticate, for --- ### **Step 4.3: GCP Credentials** -To connect your GCP Project, you need to use the Application Default Credentials (ADC) returned by the `gcloud` CLI. Here’s how to set up: + +For Google Cloud, first enter your `GCP Project ID` and then select the authentication method you want to use: + +- **Service Account Authentication** (**Recommended**) +- **Application Default Credentials** + +**Service Account Authentication** is the recommended authentication method for automated systems and machine-to-machine interactions, like Prowler. For detailed information about this, refer to the [Google Cloud documentation](https://cloud.google.com/iam/docs/service-account-overview). + +GCP Authentication Methods + +#### **Step 4.3.1: Service Account Authentication** + +First of all, in the same project that you selected in the previous step, you need to create a service account and then generate a key in JSON format for it. For more information about this, you can follow the next Google Cloud documentation tutorials: + +- [Create a service account](https://cloud.google.com/iam/docs/creating-managing-service-accounts) +- [Generate a key for a service account](https://cloud.google.com/iam/docs/creating-managing-service-account-keys) + +GCP Service Account Credentials + +#### **Step 4.3.2: Application Default Credentials** 1. Run the following command in your terminal to authenticate with GCP: ```bash