mweiden
commented
5 years ago @rhiananthony this was the ticket I mentioned before. Do you or someone on your team have expertise here?
Open mweiden opened 5 years ago
mweiden
commented
5 years ago @rhiananthony this was the ticket I mentioned before. Do you or someone on your team have expertise here?
Need
Access to production logs (in CloudWatch logs and Stackdriver logs in production GCP projects) is currently too wide. Access should be restricted, probably just to DCP security leads.
Approach
dcp-infrato restrict read, write, and delete access to AWS CloudWatch production logsdcp-infraand restrict same permissions to GCP StackDriver logs