Stay organized with collections
Save and categorize content based on your preferences.
The Snyk for Google Security Command Center (SCC) integration, available in
Cloud Marketplace, lets you view and manage issues identified by Snyk
as security findings in Google Cloud. Issues received from Snyk are represented
in Security Command Center as code security findings. When Snyk issues are updated,
the corresponding Security Command Center findings are automatically updated as well.
Identify or create a Google Cloud project
in the organization from the previous step. Record the project information.
You need this when configuring the integration.
(Optional) Manually create a service account
in the project from the previous step, then do the following.
If you don't create the service account manually, you must create it
when configuring the integration. It is used to authenticate with Google Cloud.
As an alternative, you can search for Snyk for Google Security Command Center
(SCC) in Google Cloud Marketplace.
Select the organization where Security Command Center is enabled.
Click Sign up with partner to configure the integration.
Click Change to select a project in the organization. This is where the
service account exists if you have already created it. If you have not
created the service account, this is where it is created.
Select one of the following options:
Create a new service account. Select this if you didn't create
a service account manually. Enter the following information:
Service account name: display name for this service account.
Service account ID: alphanumeric ID used in the service account email
address.
Use an existing service account. Select this if you created a service
account manually. From the menu, select the service account.
Click Submit.
In Security Command Center, go to Settings>Integrated services.
Find the listing for Snyk for Google Security Command Center (SCC).
Record the Source ID value for the integration. You need this
information in the following section. This is also known as the relative
resource name stored in the finding source
name
field.
If you selected Create a new service account in the previous step,
go to IAM in Google Cloud console and
Create a service account key
for the service account that was created. Create the key in JSON format
and save it. You use it in a later step.
Configure the integration in Snyk
Collect the following information:
Source ID: the relative resource name that you saved in the previous
section. The Google Cloud organization ID is parsed automatically from this
field.
Service account key: the JSON key that you created from the service account.
Navigate to your Snyk group-level integrations page, called Integrations Hub,
and then sign in using your Snyk credentials.
Search for Google SCC, and then click Use integration in the Google SCC
entry that is returned.
Enter values for the following:
Profile name: a name that you define for this integration.
Source ID: you recorded this previously.
Service account key: you recorded this previously.
Click Done.
After the connection is established, the Google SCC integration status changes
to Setup in progress. The status automatically changes to Connected
when the next Snyk scan occurs in your environment.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Send Snyk data to Security Command Center\n\n| **Preview**\n|\n|\n| This feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| Pre-GA features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\nThe **Snyk for Google Security Command Center (SCC)** integration, available in\nCloud Marketplace, lets you view and manage issues identified by Snyk\nas security findings in Google Cloud. Issues received from Snyk are represented\nin Security Command Center as code security findings. When Snyk issues are updated,\nthe corresponding Security Command Center findings are automatically updated as well.\n\nComplete the following sections in order:\n\n1. [Before you begin](#before-you-begin)\n\n2. [Configure the integration in the Google Cloud console](#cloud-config)\n\n3. [Configure the integration in Snyk](#snyk-config)\n\nBefore you begin\n----------------\n\n- Create a Snyk user account with\n [permissions to edit and view group integrations](https://docs.snyk.io/admin/user-roles/user-role-management).\n\n- Prepare your Google Cloud environment.\n\n 1. Create a Google Cloud organization with Security Command Center enabled at the\n organization level. See either [Activate Security Command Center](/security-command-center/docs/activate-scc-for-an-organization)\n or [Activate Security Command Center Enterprise tier](/security-command-center/docs/activate-enterprise-tier)\n for information about how to do this.\n\n 2. Identify or [create a Google Cloud project](/resource-manager/docs/creating-managing-projects)\n in the organization from the previous step. Record the project information.\n You need this when configuring the integration.\n\n 3. (Optional) Manually [create a service account](/iam/docs/service-accounts-create)\n in the project from the previous step, then do the following.\n If you don't create the service account manually, you must create it\n when configuring the integration. It is used to authenticate with Google Cloud.\n\n 1. Assign the [Security Center Findings Editor (`roles/securitycenter.findingsEditor`)](/security-command-center/docs/access-control-org#securitycenter.findingsEditor)\n role to the service account.\n\n 2. [Create a service account key](/iam/docs/keys-create-delete#creating)\n for the service account. Create the key in JSON format.\n\n 3. Record the following information. You use this when configuring the\n integration.\n\n - Service account name\n - Service account ID\n - Service account key\n\n### Configure the integration in the Google Cloud console\n\nDuring this process, you configure the Snyk integration and create or configure\na service account.\n\n1. If you manually created the service account, get the following information:\n\n - Service account name: display name for this service account.\n - Service account ID: alphanumeric ID used in the service account email address.\n2. In the Google Cloud console, go to the **Snyk for Google Security Command\n Center (SCC)** in **Marketplace**.\n\n\n [Go to Snyk listing](https://console.cloud.google.com/marketplace/product/snyk-marketplace/snyk-google-scc)\n\n \u003cbr /\u003e\n\n As an alternative, you can search for **Snyk for Google Security Command Center\n (SCC)** in [Google Cloud Marketplace](/marketplace).\n3. Select the organization where Security Command Center is enabled.\n\n4. Click **Sign up with partner** to configure the integration.\n\n5. Click **Change** to select a project in the organization. This is where the\n service account exists if you have already created it. If you have not\n created the service account, this is where it is created.\n\n6. Select one of the following options:\n\n - **Create a new service account**. Select this if you didn't create\n a service account manually. Enter the following information:\n\n - Service account name: display name for this service account.\n - Service account ID: alphanumeric ID used in the service account email address.\n - **Use an existing service account**. Select this if you created a service\n account manually. From the menu, select the service account.\n\n7. Click **Submit**.\n\n8. In Security Command Center, go to **Settings** \\\u003e **Integrated services**.\n\n9. Find the listing for **Snyk for Google Security Command Center (SCC)**.\n\n10. Record the **Source ID** value for the integration. You need this\n information in the following section. This is also known as the relative\n resource name stored in the finding source\n [`name`](/security-command-center/docs/reference/rest/v2/organizations.sources)\n field.\n\n11. If you selected **Create a new service account** in the previous step,\n go to IAM in Google Cloud console and\n [Create a service account key](/iam/docs/keys-create-delete#creating)\n for the service account that was created. Create the key in JSON format\n and save it. You use it in a later step.\n\n### Configure the integration in Snyk\n\n1. Collect the following information:\n\n - Source ID: the relative resource name that you saved in the previous\n section. The Google Cloud organization ID is parsed automatically from this\n field.\n\n - Service account key: the JSON key that you created from the service account.\n\n2. Navigate to your Snyk group-level integrations page, called **Integrations Hub**,\n and then sign in using your Snyk credentials.\n\n3. Search for `Google SCC`, and then click **Use integration** in the **Google SCC**\n entry that is returned.\n\n4. Enter values for the following:\n\n - **Profile name**: a name that you define for this integration.\n - **Source ID**: you recorded this previously.\n - **Service account key**: you recorded this previously.\n5. Click **Done**.\n\nAfter the connection is established, the **Google SCC** integration status changes\nto **Setup in progress** . The status automatically changes to **Connected**\nwhen the next Snyk scan occurs in your environment.\n\nWhat's next\n-----------\n\nReview and manage [Snyk code security findings](/security-command-center/docs/code-security-findings-snyk)."]]
