Google Cloud Platform connector
Overview
Google Cloud Platform is a popular cloud platform for enterprises. ConductorOne connects with your Google Cloud Platform instance to provide visibility and permission management on users, projects, and roles.
Availability
✅ General availability. The Google Cloud Platform connector is available to all ConductorOne users.
Capabilities
- Sync identities from Google Cloud Platform to ConductorOne
- Entitlements supported:
- Google Cloud Platform projects
- Google Cloud Platform roles
Requirements
To connect your Google Cloud Platform environment, you will need:
- Super Administrator role in ConductorOne
- The permission to make a service account in Google Cloud Platform
Integrate your Google Cloud Platform instance
Step 1: Create a new project
-
In Google Cloud Platform the toolbar, click the project select dropdown, then click NEW PROJECT.
-
Create a new project for your organization:
- Project Name: Choose a name such as “ConductorOne Integration”
- Organization/Location: Choose any organization and location
After the project is created, make sure the correct project is selected in the dropdown at the top.

Step 2: Enable APIs
-
In the navigation menu, navigate to > APIs & Services > Library.
-
Search for and select the following APIs:
- Identity and Access Management (IAM) API
- Cloud Resource Manager API
- Cloud Asset API
- Admin SDK API
-
Click Enable.
Step 3: Create a service account
-
In the navigation menu, navigate to > APIs & Services > Credentials.
-
Select CREATE CREDENTIALS > Service Account.
-
Under Service account details, fill in the following:
- Service account name: ConductorOne Integration
- Service account description: for example, “Service account for ConductorOne Google Cloud Platform Integration”
- Click CREATE AND CONTINUE
-
Under Grant this service account access to a project, grant the appropriate permission level:
- Viewer to run access reviews on your Google Cloud Platform users
- Editor to provision access via ConductorOne and run access reviews
-
Leave Grant users access to this service account blank.
-
Click DONE.
Step 4: Grant your service account access to your organization
-
Navigate to your organization by selecting your organization from the dropdown.
-
Navigate to the IAM tab from the left nav and click ADD button located at the top of the page.
-
For the principal, use the service accountId for the service account you created in Step 3.
-
Select the appropriate roles:
- Organization Viewer and Viewer to run access reviews on your Google Cloud Platform users
- Organization Administrator and Editor to provision access via ConductorOne and run access reviews
-
Click Save.
Step 5: Get credentials
-
Navigate back to APIs & Services > Credentials and select the service account you just created.
-
Click the service account’s email address.
-
On the Service Account Details Page, click KEYS.
-
Click ADD KEY > Create new key.

-
Choose JSON and click CREATE.
-
Keep the downloaded file safe, you’ll use it in the next step.
Step 6: Integrate ConductorOne to your Google Cloud Platform account
- Return to ConductorOne » select Integrations » click Google Cloud Platform
- Fill out the Credentials form field using The contents of the JSON file downloaded in Step 5:
- Click Next to complete the process
- In ConductorOne, click Integrations > Google Cloud Platform.
- If this is your first GCP integration, the integration form opens automatically. Otherwise, click Add Connector.
- Select the JSON file you downloaded in Step 5 in the Credentials (JSON) field.
- Click Next.
- A new Google Cloud Platform page opens with your saved credentials.
That’s it! Your Google Cloud Platform instance is now integrated with ConductorOne.