Create an On-Demand Scan for GCP DLP and Malware
This topic provides instructions for creating an On-Demand DLP and Malware scan for Google Cloud Platform (GCP). For additional help with this topic, we have a 5-minute YouTube video.
To configure an On-Demand Scan, perform the following steps:
- Go to Policy > On-Demand Scan.
- Click Actions > Create a Scan.
- The Scan Creation Wizard is displayed. On the General Info page, enter the following:
  - Scan Type. Select DLP & Malware.
  - Name. Enter a unique identifier so that you can rerun the scan later.
  - Description. Enter an optional description for the scan.
  - Service Instance. Select the Google Cloud Platform instance you want to scan.
- Click Next.
- On the Select Policies page, select the available policies to use for your scan type.
- Click Next.
- On the Configure Scan page, configure the data scope, buckets, and projects for your scan.
  - Data Scope.
    - Full. Scans all content every time the scan is run. The first time you run a scan, you must use Full mode.
    - Incremental. Scans only content that has changed since the last successful scan. For details about Incremental mode, see About On-Demand Scans.
  - Scan Dates. Select All to scan all data, or select Last X Days to limit the scan to the specified time period.
  - Buckets.
    - All Buckets. Scan all storage accounts.
    - Include Specific Buckets. To include specific buckets in the scan, manually enter them in a comma-separated list in the text box below.
    - Exclude Specific Buckets. To exclude specific buckets from the scan, manually enter them in a comma-separated list in the text box below.
  - Projects.
    - All Projects. Scan all projects.
    - Include Specific Projects. To include only specific projects, click Edit and select specific projects from the list.
    - Exclude Specific Projects. To exclude only specific projects, click Edit and select specific projects from the list.
- Click Next.
- On the Schedule Scan page, select the schedule for your scan to run:
  - None (On-Demand Only). Run the scan once now.
  - Daily. Run the scan once a day. Configure the time and time zone.
  - Weekly. Run the scan once a week. Configure the day, time, and time zone.
- Click Next.
- On the Review & Activate page, review your settings for the On-Demand Scan, and click Save. Or click Back to make changes.
Once the setup is complete, to run a scan, on the Policy > On-Demand Scan page, select a Scan Name. Under the Actions column for that scan, click Start. You can view all the policy incident violations on the Policy Incidents page.