Log permission errors - Githubissues

GoogleCloudPlatform / inspec-gke-cis-benchmark

GKE CIS 1.1.0 Benchmark InSpec Profile

Apache License 2.0

27 stars 22 forks source link

Log permission errors #5

Closed dinvlad closed 4 years ago

dinvlad commented 4 years ago

Hi Team,

Would it be possible to log any permission errors when running the benchmark? Currently, when we run it on a project and it returns zero findings, it's hard to tell if this is because the project is fully compliant, or if the benchmark SA simply didn't have access to some resources.

This request is similar to https://github.com/GoogleCloudPlatform/inspec-gcp-cis-benchmark/issues/54

Thanks!

KonradSchieban commented 4 years ago

Thanks @dinvlad for raising this issue. This will have to be implemented in the repo https://github.com/GoogleCloudPlatform/inspec-gcp-helpers . Once implemented, it will fix the issue for all dependent profiles (gke-cis, gcp-cis, gcp-pci, etc.)