turbot/gcp

steampipe plugin install gcpsteampipe plugin install gcp
On This Page
Get Involved

Table: gcp_audit_policy

Audit policy defines rules for which events are recorded as log entries.

Basic info

select
service,
jsonb_array_elements(audit_log_configs) ->> 'logType' as log_type
from
gcp_audit_policy;

List of services which has data write access

select
service,
log_type ->> 'logType' as log_type
from
gcp_audit_policy,
jsonb_array_elements(audit_log_configs) as log_type
where
log_type ->> 'logType' = 'DATA_WRITE';

.inspect gcp_audit_policy

GCP Audit Policy

NameTypeDescription
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
audit_log_configsjsonbThe configuration for logging of each type of permission
locationtextThe GCP multi-region, region, or zone in which the resource is located.
projecttextThe GCP Project in which the resource is located.
servicetextSpecifies a service that will be enabled for audit logging