Hello I m trying to set up the GCP pub sub with Kolide and I

Question

Hello I m trying to set up the GCP pub sub with Kolide and I m using a service account to grant permissions to be able to publish logs Therefore I m using a json containing the service account key I wonder if kolide has any mechanism to handle key rotations or I have to take into consideration this situation by other means

sundsta · Answer

That s outside of the scope of Fleet If you want to rotate that key you have to generate a new key for the service account update the Fleet config and then revoke the old key

sundsta · Answer

That said there isn t any need to rotate the key unless you have reason to believe its compromised

sundsta · Answer

Also since you re running in GCP it s better to just have Fleet run under the service account s identity that way you don t need to pass it a JSON key

Norberto Garcia Marin · Answer

Thanks I tried that last thing and It s working