
Eventarc Audit Log Scope Limited to Current Project

In GCP, I have a log sink which centralizes logs onto a GCP project. I also have an Eventarc trigger that listens for Cloud Resource Manager events, specifically the createProject method.

Eventarc trigger

Are Eventarc triggers limited to only the current project's logs? Or can they access all logs from all log buckets in a GCP project?

The logs show up in Cloud Logging (only when I set the scope to include all buckets and not limit it to the current project); however, no Eventarc triggers are generated off of this.

Cloud Logging

Is this a limitation of Eventarc or am I missing something here?

Since the createProject method is among the very first logs that get generated in a newly created project, Eventarc triggers will NOT pick them up, since the trigger would have to be created after the project has been created. Triggers might take a few minutes to become active before they can process logs.

In my case, I was able to create a Logs Router at an organization/folder level to overcome this issue. The Logs Router would include all child elements and would capture specific logs from the Cloud Resource Manager.
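A sketch of the aggregated sink the answer describes, added here as an illustration and not taken from the original post. The organization ID, sink name, Pub/Sub destination and the exact filter are assumptions (the answer names none of them); the script only prints the `gcloud` command so it can be reviewed before it is run.

```shell
#!/usr/bin/env bash
# Added illustration: build the command for an organization- or folder-level
# (aggregated) Logs Router sink that captures project-creation audit entries.
# All IDs, names and the destination below are constructed placeholders.
set -u

# Admin Activity audit entries from Cloud Resource Manager whose method name
# contains "CreateProject". ':' is the Logging query "has" operator, so both
# short and fully qualified method names match (assumed filter, adjust to
# what your audit entries actually show).
create_project_filter() {
  printf '%s' 'logName:"cloudaudit.googleapis.com%2Factivity" AND protoPayload.serviceName="cloudresourcemanager.googleapis.com" AND protoPayload.methodName:"CreateProject"'
}

# Print the gcloud invocation.
# $1 = scope (organization|folder)  $2 = numeric organization/folder ID
# $3 = sink name                    $4 = sink destination
sink_command() {
  case "$1" in
    organization|folder) ;;
    *) echo "scope must be 'organization' or 'folder'" >&2; return 1 ;;
  esac
  case "$2" in
    ''|*[!0-9]*) echo "ID must be numeric" >&2; return 1 ;;
  esac
  # --include-children is what makes the sink see logs from every child
  # folder and project, including projects created after the sink exists.
  printf "gcloud logging sinks create %s %s --%s=%s --include-children --log-filter='%s'\n" \
    "$3" "$4" "$1" "$2" "$(create_project_filter)"
}

# Constructed example values; replace before use.
sink_command organization 123456789012 create-project-sink \
  pubsub.googleapis.com/projects/CENTRAL_PROJECT/topics/TOPIC_NAME
```

After the sink is created, its writer identity still has to be granted permission to write to the destination (for a Pub/Sub topic, the Pub/Sub Publisher role), otherwise the routed entries are dropped.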
