Eventarc uses Pub/Sub as a transport to deliver events to destinations like Cloud Run, HTTP endpoints, etc. But I want to consume the events directly from the Pub/Sub topic myself, ideally using a subscription I create myself.
Is there any way to make Eventarc just publish the events to a topic and stop there? Or, is there a way to directly tell an Eventarc provider to write to a topic, and not involve Eventarc itself?
It's clear in the Eventarc API documentation that you can specify the Pub/Sub topic to use as the transport. After doing that, I could read from the topic myself. The problem is that I am still required to specify a destination. Pub/Sub is not a valid destination in the API (although it is a valid provider).
Making a no-op Cloud Run to receive the events the way Eventarc wants to deliver them would work, but feels very silly (and costs money).
Native event are impossible to catch out of Eventarc.
A solution is to create a Cloud Run service with eventarc, and then to remove manually the pubsub subscription created and create yours (it's a hack)
If you use Audit log events, simply go to Cloud Logging, create your filter then sink the filter into a PubSub topic. And then create your subscription on that topic.