ksobrenat32 opened a new pull request, #35922:
URL: https://github.com/apache/beam/pull/35922
This pull request introduces a new GCP security analyzer system for
monitoring and reporting on security-sensitive events within the Google Cloud
Platform environment. The main changes include adding documentation,
configuration, implementation, and dependency management for the analyzer. The
analyzer captures key events (like IAM policy changes and service account key
management), stores logs in GCS, and generates weekly email reports.
**New GCP Security Analyzer Implementation**

*Documentation and Overview*
- Added a comprehensive `README.md` in `infra/security` explaining the
  purpose, architecture, configuration, and usage of the GCP security analyzer,
  including setup instructions and example configuration.

*Configuration and Setup*
- Introduced a `config.yml` file to define monitored events, log sinks,
  excluded principals, logging level, and GCS bucket for log storage. This file
  supports customization of the analyzer’s behavior.
- Added a `requirements.txt` specifying all necessary Python dependencies
  for the analyzer, ensuring reproducible installations.

*Analyzer Implementation*
- Added the main analyzer script `log_analyzer.py`, which:
  - Initializes or updates GCP log sinks based on configuration.
  - Retrieves and processes logs from GCS.
  - Generates and sends weekly security event summary emails, or prints
    them if email is not configured.
  - Supports command-line usage for sink initialization and report
    generation.
--
This is an automated message from the Apache Git Service.
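
As an added illustration of the filter-and-summarize step the description attributes to `log_analyzer.py` (this is not code from the pull request): the sketch below counts monitored audit-log events per principal over the last week, reading newline-delimited JSON as a log sink exports it to GCS. The constants, the `summarize` function and the sample entries are assumptions constructed here, since the PR's `config.yml` keys are not shown on this page.

```python
import json
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumed settings; the pull request's real config.yml keys are not shown on this page.
MONITORED_METHODS = {
    "SetIamPolicy",
    "google.iam.admin.v1.CreateServiceAccountKey",
    "google.iam.admin.v1.DeleteServiceAccountKey",
}
EXCLUDED_PRINCIPALS = {"automation@example-project.iam.gserviceaccount.com"}

def _entry(ts, method, principal):
    return json.dumps({"timestamp": ts, "protoPayload": {
        "methodName": method,
        "authenticationInfo": {"principalEmail": principal}}})

# Constructed sample input: one audit-log entry per line, only the fields used below.
SAMPLE_LOGS = "\n".join([
    _entry("2025-08-18T10:00:00Z", "SetIamPolicy", "alice@example.com"),
    _entry("2025-08-19T09:30:00Z", "google.iam.admin.v1.CreateServiceAccountKey",
           "automation@example-project.iam.gserviceaccount.com"),  # excluded principal
    _entry("2025-08-20T14:05:00Z", "google.iam.admin.v1.CreateServiceAccountKey",
           "bob@example.com"),
    _entry("2025-08-01T08:00:00Z", "SetIamPolicy", "alice@example.com"),  # too old
    _entry("2025-08-20T14:06:00Z", "storage.objects.get", "bob@example.com"),  # not monitored
    "not-json",  # truncated or corrupt line
])

def summarize(ndjson, now, days=7):
    """Count monitored events per (method, principal) seen in the last `days` days."""
    cutoff = now - timedelta(days=days)
    counts, skipped = Counter(), 0
    for line in ndjson.splitlines():
        try:
            entry = json.loads(line)
            payload = entry["protoPayload"]
            method = payload["methodName"]
            principal = payload["authenticationInfo"]["principalEmail"]
            ts = datetime.fromisoformat(entry["timestamp"].replace("Z", "+00:00"))
        except (ValueError, KeyError, TypeError):
            skipped += 1  # malformed or non-audit line: count it, keep the report running
            continue
        if ts < cutoff or method not in MONITORED_METHODS or principal in EXCLUDED_PRINCIPALS:
            continue
        counts[(method, principal)] += 1
    return counts, skipped

if __name__ == "__main__":
    print(summarize(SAMPLE_LOGS, datetime(2025, 8, 22, tzinfo=timezone.utc)))
```

Reporting the skipped-line count alongside the summary makes a gap in log coverage visible instead of silently shrinking the weekly totals.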