This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Notifications for metadata changes (SSH keys)

Posted on 11-30-2022 06:53 AM
gdsotirov
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

Is there a way to get notified (email, SMS, etc.) for metadata changes on project level (e.g. SSH keys)?

 

Regards,

--

Georgi

Solved Solved
0 4 516
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
gdsotirov
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I was able to achieve it with a logs based alert having the following filter:

resource.type="gce_project"
protoPayload.@type="type.googleapis.com/google.cloud.audit.AuditLog"
(	protoPayload.metadata.projectMetadataDelta.addedMetadataKeys!=""
	OR protoPayload.metadata.projectMetadataDelta.deletedMetadataKeys!=""
	OR protoPayload.metadata.projectMetadataDelta.modifiedMetadataKeys!=""
)

Note: The fields addedMetadataKeys, deletedMetadataKeys and modifiedMetadataKeys seem to have been added earlier this year.

But I'll have to fine tune the alert now, because it does not provide information about what was done and what was changed. It should be possible with labels.

View solution in original post

Jump to Solution
4 REPLIES 4
Top Labels in this Space
Top Solution Authors
View all