Forseti 1.0 Deprecation Announcement

We previously announced the End-of-Life for Forseti 1.0 in October 2018. We have extended that timeline, and this is the last notice that Forseti 1.0 will be removed from availability on March 15, 2019.

We strongly encourage any remaining Forseti 1.0 users to migrate to Forseti 2.0 as there are many new features to help you to stay secure on Google Cloud Platform (GCP).

New Features

  • New CLI client to operate all Forseti components on demand
  • Parallelized inventory process
  • New inventories available: Bucket IAM Policies, API Configurations, Audit Logging Configurations, Networks, Subnetworks, and G Suite Users, and many more
  • New scanners for service account key rotation, audit log configuration, enabled APIs, location, KMS, and Kubernetes
  • IAM policy scanner now audits bucket and other sub-project resource IAM policies
  • New Explain component to help you understand the effective roles and permissions that affect your GCP resources from the granted IAM policies

Architecture Improvements

  • Centralized table for all GCP inventory data, with optimized schema and indexes for easier and faster queries
  • Faster inventory process with Cloud Asset Inventory
  • Integration with Cloud Security Command Center (Cloud SCC) beta
  • Negates the use of a separate G Suite service account and exported key
  • Forseti VMs on Google Compute Engine (GCE) now run on the latest Ubuntu 18.04
  • A more intuitive installation process using Terraform, and with better default rule files

To upgrade from Forseti version 1.0, please see the Forseti v2 upgrade guide.

If you are new to Forseti, please see the Forseti v2 installation guide to get started.

Thank you,

The Forseti Security team at Google

Written By
Henry Chang, Google
Published On
18 February 2019