Google cloud logging streaming strategy (!122243) · Merge requests · GitLab.org / GitLab

Harsimar Sandhu requested to merge 409423-add-google-cloud-logging-streaming into master May 31, 2023

What does this MR do and why?

Google cloud logging streaming strategy

This commit adds streaming strategy to allow streaming of audit events to google cloud logging service

EE: true Changelog: added

How to set up and validate locally

Setup a project on google cloud and setup IAM service account with logging write access.
Using the google IAM service account config, Create a Google Cloud Logging Configuration using the below mutation

mutation createGoogleCloudLoggingConfiguration {
  googleCloudLoggingConfigurationCreate(
    input: {
      groupPath: "GROUP_PATH", 
      googleProjectIdName: "GOOGLE_PROJECT_ID_NAME", 
      clientEmail: "CLIENT_EMAIL", 
      privateKey: "PRIVATE_KEY"}
  ) {
    googleCloudLoggingConfiguration {
      id
      googleProjectIdName
      logIdName
      privateKey
      clientEmail
    },
    errors,
  }
}

Do some action inside the group which produces audit event, for example: change merge request approval settings.
Audit Event should be streamed and visible inside https://console.cloud.google.com/logs/query

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #409423 (closed)

Edited Jun 05, 2023 by Harsimar Sandhu

Google cloud logging streaming strategy

What does this MR do and why?

How to set up and validate locally

MR acceptance checklist

Merge request reports