lacework · afiune · Nov 16, 2021 · Nov 15, 2021 · afiune · Nov 15, 2021
@@ -27,6 +27,22 @@ resource "lacework_integration_gar" "example" {
 }
 ```
 
+## Example GAR Module Usage
+
+Lacework maintains a Terraform module that can be used to create and manage the necessary
+resources required for both, the cloud provider platform as well as the Lacework platform.
+
+Here is a basic usage of this module:
+
+```hcl
+module "gar" {
+  source  = "lacework/gar/gcp"
+  version = "~> 0.1"
+}
+```
+
+To see the list of inputs, outputs and dependencies, visit the [Terraform registry page of this module](https://registry.terraform.io/modules/lacework/gar/gcp/latest).
+
 ## Example Loading Credentials from Local File
 
 Alternatively, this example shows how to load a [service account key created](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating_service_account_keys)
@@ -110,7 +126,7 @@ The `limit_by_label` block can be defined multiple times to define multiple labe
 * `private_key_id` - (Required) The service account private key ID.
 * `private_key` - (Required) The service account private key.
 
-~> **Note:** The service account used for this integration requires the `storage.objectViewer` role for access to the Google project that contains the Google Artifact Registry (GAR). The role can be granted at the project level or the bucket level. If granting the role at the bucket level, you must grant the role to the default bucket called `artifacts.[YourProjectID].appspot.com`. In addition, the client must have access to the Google Artifact Registry API, Cloud Resource Manager API, and billing must be enabled.
+~> **Note:** The service account used for this integration requires the `roles/artifactRegistry.reader` role for access to the Google project that contains the Google Artifact Registry (GAR). In addition, the client must have access to the Google Artifact Registry API, Cloud Resource Manager API, and billing must be enabled. Lacework maintains a [Terraform GAR module](https://registry.terraform.io/modules/lacework/gar/gcp/latest) that can be used to create and manage the necessary resources required for both, the cloud provider platform as well as the Lacework platform.
 
 ### Supported Registry Domains
 

@@ -3,7 +3,7 @@ subcategory: "Container Registry Integrations"
 layout: "lacework"
 page_title: "Lacework: lacework_integration_gcr"
 description: |-
-  Create and manage GCR integrations
+  Create and manage Google Container Registry (GCR) integrations
 ---
 
 # lacework\_integration\_gcr
@@ -27,37 +27,22 @@ resource "lacework_integration_gcr" "example" {
 }
 ```
 
-## Example Creating a Service Account
+## Example GCR Module Usage
 
-This example shows how to create a new service account using the [Lacework service-account module](https://registry.terraform.io/modules/lacework/service-account/gcp/latest)
-and use it to create a new GCR integration:
+Lacework maintains a Terraform module that can be used to create and manage the necessary
+resources required for both, the cloud provider platform as well as the Lacework platform.
 
-```hcl
-locals {
-  gcr_credentials = jsondecode(base64decode(module.lacework_gcr_svc_account.private_key))
-}
-
-module "lacework_gcr_svc_account" {
-  source         = "lacework/service-account/gcp"
-  version        = "~> 0.1.4"
-  for_gcr        = true
-  for_compliance = false
+Here is a basic usage of this module:
 
-  # Optionally, a project ID  can be specified with the input 'project_id'
-}
-
-resource "lacework_integration_gcr" "example" {
-  name            = "GRC Integration with Module"
-  registry_domain = "gcr.io"
-  credentials {
-    client_id      = local.gcr_credentials.client_id
-    client_email   = local.gcr_credentials.client_email
-    private_key_id = local.gcr_credentials.private_key_id
-    private_key    = local.gcr_credentials.private_key
-  }
+```hcl
+module "gcr" {
+  source  = "lacework/gcr/gcp"
+  version = "~> 1.0"
 }
 ```
 
+To see the list of inputs, outputs and dependencies, visit the [Terraform registry page of this module](https://registry.terraform.io/modules/lacework/gcr/gcp/latest).
+
 ## Example Loading Credentials from Local File
 
 Alternatively, this example shows how to load a [service account key created](https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating_service_account_keys)
@@ -106,7 +91,7 @@ The following arguments are supported:
 * `private_key_id` - (Required) The service account private key ID.
 * `private_key` - (Required) The service account private key.
 
-~> **Note:** The service account used for this integration requires the `storage.objectViewer` role for access to the Google project that contains the Google Container Registry (GCR). The role can be granted at the project level or the bucket level. If granting the role at the bucket level, you must grant the role to the default bucket called `artifacts.[YourProjectID].appspot.com`. In addition, the client must have access to the Google Container Registry API and billing must be enabled.
+~> **Note:** The service account used for this integration requires the `storage.objectViewer` role for access to the Google project that contains the Google Container Registry (GCR). The role can be granted at the project level or the bucket level. If granting the role at the bucket level, you must grant the role to the default bucket called `artifacts.[YourProjectID].appspot.com`. In addition, the client must have access to the Google Container Registry API and billing must be enabled. Lacework maintains a [Terraform GCR module](https://registry.terraform.io/modules/lacework/gcr/gcp/latest) that can be used to create and manage the necessary resources required for both, the cloud provider platform as well as the Lacework platform.
 
 ## Import