Skip to content

feat: CAI Monitoring Cloud Function #1015

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 45 commits into from
Dec 6, 2023
Merged

feat: CAI Monitoring Cloud Function #1015

merged 45 commits into from
Dec 6, 2023

Conversation

Samir-Cit
Copy link
Contributor

@Samir-Cit Samir-Cit commented Nov 7, 2023
edited
Loading

Hi folks.

This PR is to add a new Cloud Function that will monitor CAI assets with IAM Policy content type.

The Cloud Function will search for IAM members who has any role from a list of roles pre-defined.
If one role of the list of pre-defined roles is grant to a member, it will generate a SCC Finding with:

  • DateTime that the role was granted
  • Member who has the roles (user, service account, group...)
  • Roles that was granted

Samir-Cit and others added 29 commits October 24, 2023 18:14
@Samir-Cit
CAI monitoring Cloud Function on top of Foundations
cf25833
@Samir-Cit
Allow APIs
08d2291
@Samir-Cit
Code Review fix
a1a1b76
@Samir-Cit
Improve CF logs
87cb300
@Samir-Cit
CF creating new SCC Finding
2f79538
@Samir-Cit
Merge branch 'terraform-google-modules:master' into feat/cai-monitoring
e1cdc42
@Samir-Cit
Bump node version to 20
43c04e0
@Samir-Cit
More generic function
ec5b7bf
@Samir-Cit
Rename
0311539
@Samir-Cit
Renaming
5113b83
@Samir-Cit
V1 of test cases.
808b89b
@Samir-Cit
Fix lint
55372d9
@Samir-Cit
Fix test
8954211
@Samir-Cit
Fix test
e308b96
@Samir-Cit
Org SA Source Editor
aa73032
@Samir-Cit
Add permission
91c961a
@Samir-Cit
Random name suffix
abe09d1
@Samir-Cit
Add missing output
adffac0
@Samir-Cit
Lint
88217d0
@Samir-Cit
Refactoring
ae19623
@Samir-Cit
Cloud Function fix
7c2752a
@Samir-Cit
Merge branch 'terraform-google-modules:master' into feat/cai-monitoring
c663843
@Samir-Cit
Refactoring tests
1a23df7
@Samir-Cit
Fix test
ccd699f
@Samir-Cit
Remove feed test
ae15996
@Samir-Cit
Remove feed test
4f346a8
@Samir-Cit
Fix outputs
ca0aa8a
@Samir-Cit
Merge branch 'master' into feat/cai-monitoring
9c436ad
@Samir-Cit
Refactoring
a68b778
@Samir-Cit Samir-Cit marked this pull request as ready for review November 10, 2023 12:59
@Samir-Cit Samir-Cit requested review from rjerrems, gtsorbo and a team as code owners November 10, 2023 12:59
ghost
ghost reviewed Nov 10, 2023
View reviewed changes
ghost
ghost reviewed Nov 10, 2023
View reviewed changes
daniel-cit
daniel-cit reviewed Nov 13, 2023
View reviewed changes
gtsorbo
gtsorbo suggested changes Nov 22, 2023
View reviewed changes
Copy link
Contributor

@gtsorbo gtsorbo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

small changes, but otherwise great

@Samir-Cit Samir-Cit requested a review from gtsorbo November 23, 2023 21:33
@Samir-Cit Samir-Cit requested a review from a user November 29, 2023 17:22
@gtsorbo gtsorbo merged commit 141f067 into terraform-google-modules:master Dec 6, 2023
@release-please release-please bot mentioned this pull request Dec 6, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daniel-cit daniel-cit daniel-cit left review comments

@rjerrems rjerrems Awaiting requested review from rjerrems

+2 more reviewers

@gtsorbo gtsorbo gtsorbo approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Samir-Cit @gtsorbo @daniel-cit