
Enable GCP Audit logging using Terraform

Data Access audit logs are disabled by default because their cost depends on usage. To enable them with Terraform, use the following configuration.

resource "google_project_iam_audit_config" "all-services" {
  project = "<your project>"
  service = "allServices"
  audit_log_config {
    log_type = "ADMIN_READ"
  }
  audit_log_config {
    log_type = "DATA_READ"
  }
  audit_log_config {
    log_type = "DATA_WRITE"
  }
}
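
To confirm after `terraform apply` that the project policy really carries all three log types for `allServices`, with no exempted members, the check below reads the policy as JSON (for example from `gcloud projects get-iam-policy <your project> --format=json`). It is an added example, not part of the original post; the function name `audit_gaps` and both sample policies are constructed for illustration.

```python
import json

# Log types the Terraform resource above turns on for allServices.
REQUIRED = {"ADMIN_READ", "DATA_READ", "DATA_WRITE"}


def audit_gaps(policy, service="allServices"):
    """Return (missing_log_types, exemptions) for `service` in an IAM policy dict.

    Only the entry for `service` is inspected; a per-service entry such as
    storage.googleapis.com does not count as project-wide coverage.
    """
    enabled, exemptions = set(), {}
    for cfg in policy.get("auditConfigs", []):
        if cfg.get("service") != service:
            continue
        for entry in cfg.get("auditLogConfigs", []):
            log_type = entry.get("logType")
            enabled.add(log_type)
            members = entry.get("exemptedMembers", [])
            if members:
                # Exempted principals generate no log entries of this type.
                exemptions.setdefault(log_type, []).extend(members)
    return sorted(REQUIRED - enabled), exemptions


# Constructed sample: what the policy looks like once the resource is applied.
COMPLETE = json.loads("""{"auditConfigs": [{"service": "allServices",
  "auditLogConfigs": [{"logType": "ADMIN_READ"}, {"logType": "DATA_READ"},
                      {"logType": "DATA_WRITE"}]}]}""")

# Constructed sample: DATA_WRITE only on one service, plus an exempted user.
PARTIAL = json.loads("""{"auditConfigs": [
  {"service": "allServices", "auditLogConfigs": [
     {"logType": "ADMIN_READ"},
     {"logType": "DATA_READ", "exemptedMembers": ["user:analyst@example.com"]}]},
  {"service": "storage.googleapis.com",
   "auditLogConfigs": [{"logType": "DATA_WRITE"}]}]}""")

if __name__ == "__main__":
    for name, policy in (("complete", COMPLETE), ("partial", PARTIAL)):
        missing, exempt = audit_gaps(policy)
        print(f"{name}: missing={missing} exempted={exempt}")
```

An empty `missing` list and an empty exemptions dict mean the project-wide configuration matches the Terraform above.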
