GCP Cloud Onboarding
New to Fusion cloud onboarding? Start with Fusion Onboarding for Cloud Engineers for deployment models, scope planning, and cloud-specific guidance.
Use one of these three paths to configure GCP VPC flow logs, Cloud DNS logs, cloud context, and onboarding to Fusion.
Choose the path that fits your environment:
Manual onboarding — best for a small number of projects or an initial PoC
Vectra onboarding automation — best for large or dynamic GCP environments
Custom IaC automation — best if you prefer integrating to your existing IaC
1. Manual onboarding
Follow step-by-step guides to configure GCP and Fusion, onboard each project, and add cloud context.
Best for
Organizations with a small number of projects that rarely change, or for an initial PoC.
Next steps
2. Vectra Cloud Onboarding Automation for GCP Organizations
For detailed documentation, see Vectra Terraform Cloud Onboarding for GCP Organizations.
Using Terraform to automate onboarding
Access Vectra's Terraform automation at https://github.com/netography/neto-onboarding.
For access to the repo, reach out to your Vectra contact with your GitHub ID or request the latest release package.
Vectra provides the neto-onboarding Terraform project for AWS Organizations, Azure Tenants, and GCP Organizations.
This automation can:
Enable and configure AWS VPC flow logs, Azure VNet flow logs, and GCP VPC flow logs based on policy and tags
Deploy the infrastructure required to integrate with Fusion across multiple accounts, subscriptions, or projects
Add VPCs configured for flow logging to Vectra Fusion as traffic sources
Deploy a single AWS Lambda, Azure Function, or Google Cloud Function for context enrichment across all in-scope environments
Monitor for VPC changes, onboard new in-scope networks, and offboard networks that leave scope
Best for
Organizations that want a complete, supported, end-to-end solution for managing flow log configuration and onboarding to Fusion. This is usually the fastest path for large, dynamic, or multi-cloud environments.
Next steps
Reach out to your Vectra contact and request access to the GitHub repo.
Include your GitHub ID, or request the latest release package.
3. Custom IaC automation
Use your existing automation pipelines or scripts to:
Create Pub/Sub topics, subscriptions, logging sinks, and the required permissions
Configure VPC flow logs and Cloud DNS logging policies in GCP
Call the Fusion API to create flow and DNS traffic sources and create context integrations
Best for
Organizations experienced with GCP IaC that already provision VPCs, DNS logging, or related resources through automation and want to extend that workflow to Fusion.
Next steps
Vectra's Cloud Onboarding Automation for GCP Organizations, described in option 2, provides example code using Terraform, Google Cloud Functions, and Python for the full onboarding flow. Review that implementation and reach out to Vectra if you need help building custom IaC.
In addition, Fusion traffic source creation and context integration options are documented in AWS Custom IAC Onboarding for Cloud Automation Engineers. These methods apply across clouds.
Last updated