Audit log data can be used to map and illustrate the following:
- conceptual relationships
- causes and effects
- interactions between GCP entities
It is also useful for meeting PCI requirements that call for tracking events such as:
- Successful login
- Unsuccessful login
- Creating user
- Deleting user
- Adding user to strong groups (admin)
- Creating a service account
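As an added example (not part of the original page), the following Python script classifies Cloud Audit Log entries into the PCI tracking categories listed above. The log lines are constructed; the `methodName` values are the ones Google Workspace login/admin audit logs and the IAM Admin API emit into Cloud Logging, and the `policyDelta.bindingDeltas` layout for `SetIamPolicy` is the Cloud Audit Log format, but treat both as assumptions to confirm against your own logs. The set of "strong" roles is likewise an assumption to adapt per environment.

```python
"""Classify GCP Cloud Audit Log entries (JSON lines) into PCI-style event
categories: login success/failure, user create/delete, admin grant and
service-account creation.  Added example, not code from the original page.
"""
import json
from collections import Counter

# Assumption: roles that count as "strong groups (admin)" when granted.
STRONG_ROLES = {
    "roles/owner",
    "roles/editor",
    "roles/iam.securityAdmin",
    "roles/resourcemanager.organizationAdmin",
}

# Assumption: methodName values as seen in Workspace login/admin audit logs
# and IAM Admin API audit logs exported to Cloud Logging.
METHOD_CATEGORIES = {
    "google.login.LoginService.loginSuccess": "login_success",
    "google.login.LoginService.loginFailure": "login_failure",
    "google.admin.AdminService.createUser": "user_created",
    "google.admin.AdminService.deleteUser": "user_deleted",
    "google.iam.admin.v1.CreateServiceAccount": "service_account_created",
}


def classify(entry):
    """Return the PCI category for one parsed audit log entry, or None."""
    payload = entry.get("protoPayload", {})
    method = payload.get("methodName", "")
    if method in METHOD_CATEGORIES:
        return METHOD_CATEGORIES[method]
    if method == "SetIamPolicy":
        # An IAM policy change only matters here if it ADDs a strong role.
        delta = payload.get("serviceData", {}).get("policyDelta", {})
        for binding in delta.get("bindingDeltas", []):
            if binding.get("action") == "ADD" and binding.get("role") in STRONG_ROLES:
                return "admin_grant"
    return None


def summarize(lines):
    """Parse JSON log lines; return counts, (category, principal) events and
    the number of unparseable lines (malformed lines are skipped, not fatal)."""
    counts, events, skipped = Counter(), [], 0
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1
            continue
        category = classify(entry)
        if category is None:
            continue
        principal = (entry.get("protoPayload", {})
                          .get("authenticationInfo", {})
                          .get("principalEmail", "<unknown>"))
        counts[category] += 1
        events.append((category, principal))
    return {"counts": counts, "events": events, "skipped": skipped}


def _entry(method, principal, **extra):
    """Build a constructed audit log line for the sample below."""
    payload = {"methodName": method,
               "authenticationInfo": {"principalEmail": principal}}
    payload.update(extra)
    return json.dumps({"protoPayload": payload})


# Constructed sample log lines (not real exported logs).
SAMPLE_LOG = [
    _entry("google.login.LoginService.loginSuccess", "alice@example.com"),
    _entry("google.login.LoginService.loginFailure", "mallory@example.com"),
    _entry("google.admin.AdminService.createUser", "admin@example.com"),
    _entry("google.iam.admin.v1.CreateServiceAccount", "admin@example.com"),
    _entry("SetIamPolicy", "admin@example.com", serviceData={"policyDelta": {
        "bindingDeltas": [{"action": "ADD", "role": "roles/owner",
                           "member": "user:bob@example.com"}]}}),
    _entry("SetIamPolicy", "admin@example.com", serviceData={"policyDelta": {
        "bindingDeltas": [{"action": "ADD", "role": "roles/viewer",
                           "member": "user:carol@example.com"}]}}),
    _entry("storage.objects.get", "svc@example.com"),  # routine, ignored
    "this line is not JSON",                            # malformed, skipped
]

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for category, n in sorted(result["counts"].items()):
        print(f"{category:25s} {n}")
    print("skipped lines:", result["skipped"])
```

The script reads the log as JSON lines so it can be pointed at a `gcloud logging read --format=json` export or a log sink file; only the `methodName` lookup and the role set need adjusting for a different tenant.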
- Configure the environment variable GOOGLE_APPLICATION_CREDENTIALS with the path to the key file. Note that `~` is not expanded inside double quotes, so use `$HOME` instead:

```bash
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/creds.json"
```
- When you create a GCP Compliance Integration or GCP Audit Log Integration manually, you must enable the following APIs for each GCP project you want to integrate with:
  - IAM API
  - Cloud Resource Manager API
  - Cloud Key Management Service (KMS) API
  - Compute Engine API
  - Google Cloud DNS API
  - Stackdriver Monitoring API
  - Stackdriver Logging API
  - Cloud Storage API
  - Service Usage API
  - Kubernetes Engine API
```bash
#!/usr/bin/env bash
set -euo pipefail

# Customize the following variables
export tag="feature-branch-foo"
export project="my-project"

# Create the Terraform remote state bucket
cd ./modules/backend_bucket/
terraform init -reconfigure
terraform apply -var "gcp_project=$project" -auto-approve
bucketname=$(terraform output -json | jq -r '.bucket_name.value')

# Apply the project Terraform using the bucket just created as the backend
cd ../../
echo "$PWD"
terraform init -backend-config="bucket=$bucketname" -reconfigure
terraform apply -var "gcp_project=$project" -refresh=true -var "tag=$tag"
```