Eventarc Audit Log Scope Limited to Current Project
In GCP, I have a log sink which centralizes logs onto a GCP Project. I also have an EventArc trigger that listens for Cloud Resource Manager events, specifically the createProject method
Are Eventarc triggers limited to only the current projects logs? Or can it access all logs from all logs bucket in a GCP Project
The logs show up in Cloud Logging (only when I set the scope to include all buckets and not limit it to the current project), however no Eventarc triggers are generated off of this.
Is this a limitation of Eventarc or am I missing something here?
Since the createProject method is among the very first logs that gets generated in a newly created project, EventArc triggers will NOT pick them up since the trigger would have to be created after the project has been created. Triggers might take a few minutes to become active before they can process logs.
In my case, I was able to create a Logs Router at an organization / folder level to overcome this issue, the Logs Router would include all child elements and would capture specific logs from the Cloud Resource Manager.
- Issue when trying to register an app for consent screen in google oauth
- Google API Gateway: Provide API key in header
- How to merge billing export tables in GCP BigQuery
- Deny creation of publically accessible GCP buckets at project level?
- GCP Datastore Querying on nested entity references (entityB.name)
- How to list all enabled API services for Google Cloud Platform project
- Is gRPC(HTTP/2) faster than REST with HTTP/2?
- How to create a signed URL in NodeJS for Google Cloud Media CDN
- How to authenticate Google APIs (Google Drive API) from Google Compute Engine and locally without downloading Service Account credentials?
- Exporting from Cloud SQL to CSV with column headers
- python 3: Using pisa for creating pdf with multiple image urls in html content, rendering images incorrectly
- schedule autoscaler in terraform for GCP?
- Multiple STRING_AGG in one query
- Why aren't nacked messages ending up in my dead letter topic?
- Handle 503 error when making jobs.insert call
- Use http Google Cloud Functions "Require Authentication" with Firebase
- Google App Engine slow cold boot time (Flask app)
- gcloud SSH in same terminal window
- Cannot enable API on GCP (User role=Owner && Billing account is linked)
- Select All Columns Except Some in Google BigQuery?
- Why does my flex env google app engine instance have a minimum of 2 instances running, even when there is no traffic?
- How Does GCP Global Application Load Balancer Select the Closest Backend?
- How to use Google Search Grounding with Dynamic Retrieval Configuration
- Google Stackdriver Logging add comments to advanced filter
- BigQuery Date-Partitioned Views
- Check TPU workload/utilization
- Google Forms API raises google.auth.exceptions.RefreshError: 'No access token in response.'
- How can I see request count (not rate) for a Google Cloud Run application?
- I can write to my Firebase Firestore database, but am unable to read from it (Android Studio using Java)
- How to get task count in GCP cloud task