Onboarding & Discovery Architecture

This document illustrates the enhanced onboarding and service discovery flow, detailing how users connect their GCP environments, how least-privilege access is enforced, and how the inventory is populated in real time.

User Onboarding Flow

The onboarding process is designed to be secure, transparent, and user-friendly. It involves generating a custom, least-privilege setup script, validating permissions via service account impersonation (no keys stored), and automatically discovering resources.

Service Discovery & Real-time Updates

Once the connection is validated, the Service Discovery module scans the project for active resources. This process is asynchronous and emits real-time events to the frontend.

Security Model

The onboarding flow strictly adheres to Least Privilege principles:

  1. No Long-Lived Keys: We do not generate or store JSON key files. We use Service Account Impersonation.
  2. Mode-Specific Access:
    • Discovery Mode: Grants only viewer roles (e.g., roles/run.viewer, roles/bigquery.dataViewer).
    • Automation Mode: Grants specific admin or developer roles required for remediation (e.g., roles/run.developer).
  3. Transparent Scripts: The setup script is a plain Bash script that the user executes themselves, ensuring full transparency of the permissions being granted.
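
Because the setup script is plain Bash that the user runs themselves, the roles it references can be checked against the chosen mode before execution. The following is an added example, not the product's own script or tooling; the function names, the allow-lists, and the sample script are assumptions built from the roles named above plus roles/iam.serviceAccountTokenCreator, the role that permits impersonation.

```bash
#!/usr/bin/env bash
# Added example: audit which IAM roles a setup script references before running it.
# The allow-lists are assumptions: the roles named on this page, plus
# roles/iam.serviceAccountTokenCreator (the role that permits impersonation).

allowed_roles() {  # $1 = mode
  case "$1" in
    discovery)  echo "roles/run.viewer roles/bigquery.dataViewer roles/iam.serviceAccountTokenCreator" ;;
    automation) echo "roles/run.viewer roles/bigquery.dataViewer roles/run.developer roles/iam.serviceAccountTokenCreator" ;;
    *) return 2 ;;
  esac
}

# Print each role outside the mode's allow-list; return 1 if any is found.
# Matching every roles/... token on non-comment lines also covers roles held in
# variables or loops, not just literal --role= flags.
audit_setup_script() {  # $1 = mode, $2 = path to setup script
  allowed=$(allowed_roles "$1") || { echo "unknown mode: $1" >&2; return 2; }
  bad=0
  for role in $(grep -v '^[[:space:]]*#' "$2" | grep -oE 'roles/[A-Za-z0-9_.]+' | sort -u); do
    case " $allowed " in
      *" $role "*) ;;
      *) echo "UNEXPECTED $role"; bad=1 ;;
    esac
  done
  return "$bad"
}

# Constructed sample of a Discovery Mode script; every variable is a placeholder.
write_sample_script() {  # $1 = output path
  cat > "$1" <<'EOF'
#!/usr/bin/env bash
# Discovery Mode setup (constructed sample, not the product's real script)
for ROLE in roles/run.viewer roles/bigquery.dataViewer; do
  gcloud projects add-iam-policy-binding "$PROJECT_ID" \
    --member="serviceAccount:$SA_EMAIL" --role="$ROLE"
done
gcloud iam service-accounts add-iam-policy-binding "$SA_EMAIL" \
  --member="$PLATFORM_PRINCIPAL" --role="roles/iam.serviceAccountTokenCreator"
EOF
}

sample=$(mktemp)
write_sample_script "$sample"
audit_setup_script discovery "$sample" && echo "discovery: only expected roles"
rm -f "$sample"
```

The check is deliberately conservative: a custom role or any role not on the list is reported, so the reviewer decides whether it belongs in that mode.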