Setup Cloud SCC Notification


Mike Williams

Oct 14, 2020, 1:59:04 PM
to Forseti Security Discussion
Hey all,

I was hoping someone could clarify some of the Cloud SCC setup documentation.

We're trying to use Terraform through Cloud Build to install, set up, and maintain Forseti.
Right now I'm at the point of enabling Cloud SCC notifications and the documentation is confusing/unclear.

It is implied that one can use Terraform to configure the integration.
https://forsetisecurity.org/docs/latest/configure/notifier/#setup
"Using Terraform"
Which is what I've done.
forseti_conf_server.yaml was updated to change violation.cscc.enabled from false to true, and set violation.cscc.source_id to the finding source we also had Terraform create.
```
@@ -587,11 +587,11 @@
 
     violation:
       cscc:
-        enabled: false
+        enabled: true
         # Cloud SCC uses a source_id. It is unique per
         # organization and must be generated via a self-registration process.
         # The format is: organizations/ORG_ID/sources/SOURCE_ID
-        source_id: 
+        source_id: organizations/..../sources/....
 
     inventory:
       gcs_summary:
```
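Review bot: the `+        source_id:` line puts a per-organization identifier directly into the config, so the value should be checked against the exact shape the comment above it gives (organizations/ORG_ID/sources/SOURCE_ID) before it is rolled out. If the finding source is managed in Terraform, take the value from that resource's output rather than maintaining it by hand, so the config and the source cannot drift apart. `enabled: true` is only meaningful with a populated `source_id`, so the two lines should always change together, and a short comment naming where the source ID comes from would help the next reader of this file.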
However, it doesn't seem like anything has actually happened.

Have we just misunderstood the documentation and it is still necessary for someone to manually install and configure the connector?
My personal level of access to the org is quite limited so it is possible I'm just not able to see the changes Forseti has made. I certainly don't see "Add Security Sources" to select on the dashboard, but that could easily just be Google having changed the layout/wording of the dashboard.


Cheers
Mike