Commit 3a2d61c1 authored by Kenny Moore's avatar Kenny Moore
Browse files

Clean up audit filter

parent dcd7abbb
......@@ -82,6 +82,13 @@ data "google_iam_policy" "customer_folder_policy" {
]
}
binding {
role = "roles/cloudasset.viewer"
members = [
"group:${var.mcomm_group_email}",
]
}
binding {
role = "organizations/715302536254/roles/GCP_at_UM_Customer_Folder_Viewer"
members = [
......
......@@ -18,7 +18,7 @@ locals {
"log_id(\"cloudaudit.googleapis.com/access_transparency\")",
"log_id(\"externalaudit.googleapis.com/access_transparency\")",
"log_id(\"cloudaudit.googleapis.com/data_access\")",
"log_id (\"externalaudit.googleapis.com/data_access\")",
"log_id(\"externalaudit.googleapis.com/data_access\")",
"log_id(\"compute.googleapis.com/vpc_flows\")",
]
log_filters = join(" OR ", local.log_filter_list)
......@@ -50,7 +50,8 @@ locals {
test = {
its = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
campus = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
michigan_medicine = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
# michigan_medicine = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
mm = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
hipaa = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/hipaa-logs-test"
# "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/hipaa-logs-test"
......@@ -58,7 +59,8 @@ locals {
prod = {
its = "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/gcp-at-um-logs-prod"
campus = "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/gcp-at-um-logs-prod"
michigan_medicine = "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/gcp-at-um-logs-prod"
# michigan_medicine = "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/gcp-at-um-logs-prod"
mm = "pubsub.googleapis.com/projects/gcp-at-um-test-mon/topics/gcp-at-um-logs-test"
hipaa = "pubsub.googleapis.com/projects/gcp-at-um-mon/topics/hipaa-logs-prod" # "pubsub.googleapis.com/projects/${var.division}-logs-${var.environment}"
}
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment