Main log export defaults
Closed this issue · 1 comments
umairidris commented
While reviewing the main log exports module I noticed a few improvements could be made there too for defaults.
-
unique_writer_identity should be true.
https://cloud.google.com/logging/docs/api/tasks/exporting-logs
When exporting logs, Logging adopts this identity for authorization. For increased security, new sinks get their own unique service account:
-
include_children should be true, since most audit users probably want resources witin folder and orgs to be captured by default.
We can probably wait till v6 (whenever that is) to make the improvements.
github-actions commented
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days