Commit 3ec2d502 authored by Adam Robinson's avatar Adam Robinson
Browse files

prevent audit log storage from being destroyed

parent a28969f4
......@@ -27,6 +27,13 @@ resource "google_bigquery_dataset" "audit_logs" {
# role = "WRITER"
# user_by_email = split(":", google_logging_project_sink.hipaa_audit_project_logs_bq_sink.writer_identity)[1]
# }
lifecycle {
//Since these are audit logs, they should not be destroyed
//If a worker is removed this should be removed from the state so that it is preserved
prevent_destroy = true
}
depends_on = [ google_project_service.bq-api ]
}
......@@ -86,6 +93,12 @@ resource "google_storage_bucket" "audit_logs" {
age = 180
}
}
lifecycle {
//Since these are audit logs, they should not be destroyed
//If a worker is removed this should be removed from the state so that it is preserved
prevent_destroy = true
}
}
# # # Metric for unexpected bucket access
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment