Skip to content

Commit

Permalink
chore: enable iap audit logs
Browse files Browse the repository at this point in the history
  • Loading branch information
@krtk6160
krtk6160 committed Jan 31, 2024
1 parent 84f6d46 commit db4f74a
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions modules/inception/gcp/bastion.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,3 +101,17 @@ resource "google_compute_firewall" "bastion_allow_iap_inbound" {
ports = [22]
}
}

resource "google_project_iam_audit_config" "iap_audit_logs" {
project = local.project
service = "iap.googleapis.com"
audit_log_config {
log_type = "ADMIN_READ"
}
audit_log_config {
log_type = "DATA_READ"
}
audit_log_config {
log_type = "DATA_WRITE"
}
}

0 comments on commit db4f74a

Please sign in to comment.