@joecheuk joecheuk released this Oct 18, 2018

Assets 2

Summary

Inventory

  • Integration with Cloud Asset Inventory (CAI). CAI is a new GCP service that provides data across different resources. We will keep on updating the integration as CAI onboards new resources. This integration also significantly reduces the overall time to build the inventory.
  • Updated quota configuration to improve performance when getting data from the GCP APIs.
    • increased iam API calls from 18 to 90 requests per second.
    • increased logging API calls from 1 to 9 requests per second.

Scanner

  • Added Project Lien scanner.
  • Fixed sqlalchemy error in bigquery scanner.

Infrastructure

  • New GCS bucket created to store the data dump from CAI.
  • Forseti server service account permission updates:
    • Added role roles/cloudasset.viewer on the organization level.
    • Added role roles/storage.objectAdmin to the newly created CAI bucket on the bucket level.
  • Enabled new cloudasset API.

Upgrade

  • Please refer to the upgrade instructions on our official website.

Thanks to our contributors!

All changes

d035a3f Merge branch 'dev' of github.com:GoogleCloudPlatform/forseti-security into release-2.5.0
a80818e Change to new CAI package name (#2074)
316c239 Workaround on the different namings in firewall resource data from CAI.
095f7bb Updated contributors.md and incremented version to 2.5.0
bc9598a Merge 2.4.0 to dev (#2068)
e53b8ac (dev) Model Delete returns result (#2044)
8dbc837 Finish one query before executing the others. (#2067)
eb01373 fix client config path (#2065)
3b01742 Add Lien scanner (#2041)
1693306 CAI Integration - Installer (#2061)
aca0132 Typo in help text of gcloud command (#2045)
7381a93 Update quota configuration. (#2043)
fa492c8 Make Firewall Scanner code maintainable (#2015)
a48f501 Added check to see if gsuite_superadmin_email is set. (#2040)
9661165 Adding version number into logs (#2037)
b63dcf2 CloudAsset data integration (#2034)
017d8a6 Add support for downloading files to the storage client. (#2028)
a811249 Update Forseti inventory storage to store the temporary CAI asset data. (#2019)