Export Data to a Google Cloud Storage Bucket
Set up continuous export of assets and vulnerabilities from Mondoo to a Google Cloud Storage bucket.
Export your Mondoo security data to a Google Cloud Storage bucket for long-term retention, custom reporting, or integration with your GCP data pipeline. Once configured, Mondoo automatically exports assets and vulnerabilities approximately every 24 hours.
Requirements
-
A GCP account
-
Editor or Owner access to the space from which you want to export data
Create a service account for your Google Cloud Storage integration
To access the data it needs, your Cloud Storage integration needs a GCP service account. To learn about service accounts, read Understanding service accounts in the Google documentation.
-
Create a new GCP service account for the Mondoo integration to use.
For instructions, read Creating and managing service accounts in the Google documentation.
Note the email address created for the new service account.
-
Create a JSON key for the service account.
For instructions, read Create and manage service account keys in the Google documentation.
Save the JSON file that downloads to your workstation when you create the key. You need it to configure the integration (in the next section below).
Create a Cloud Storage bucket
Your Cloud Storage integration needs a bucket to which to export data. To learn about buckets, read About Cloud Storage buckets in the Google documentation.
-
Create a new GCP Cloud Storage bucket for the Mondoo integration to use. For instructions, read Create buckets in the Google documentation.
-
Assign the "Storage Object Creator" role (roles/storage.objectCreator) for the bucket to the GCP service account you created in the instructions above.
For instructions, read Manage access to projects, folders, and organizations in the Google documentation.
For a description of the permissions that the "Storage Object Creator" role grants, read Understanding roles in the Google documentation.
Add a Cloud Storage integration
-
In the Mondoo Console, navigate to the space from which you want to export data. In the side navigation bar, select Integrations. Under Exports, select GCP Cloud Storage Bucket.
-
Enter a name for the integration.
-
In the Bucket name box, enter the name of the bucket you created in the previous section.
-
Under Export as, select .jsonl or .csv.
-
Under Provide your Google service account config, drag and drop the JSON key file you downloaded earlier, or select the cloud icon to browse for it.
-
Select CREATE EXPORT.
Mondoo begins exporting data from your space. When the initial export completes, the status becomes active. Exports then run automatically approximately every 24 hours.
Manage your integration
To view your integration, select Cloud Storage under Integrations in the side navigation bar, then select the integration.
Trigger a manual export
Exports run approximately every 24 hours. To export immediately, select the SCHEDULE NOW button on the integration detail page.
Statuses
| Status | Meaning |
|---|---|
| active | The integration is healthy and exporting on schedule. |
| pending | Mondoo has not yet attempted the first export. |
| error | Mondoo encountered an error during the last export. |
Remove the integration
Select the trash can icon and confirm the deletion. Mondoo stops future exports but does not delete data already exported to Cloud Storage.