Benchmark: 10.1 Implement audit trails to link all access to system components to each individual user.
Description
GCP customers are responsible for configuring logging parameters, when available. Customers are responsible for logging and monitoring their GCE and GKE instances, systems, and applications in alignment with PCI DSS requirements.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-gcp-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select 10.1 Implement audit trails to link all access to system components to each individual user.
Run this benchmark in your terminal:
powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_10_1
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_10_1 --share
Controls
- Ensure that Cloud Audit Logging is configured properly across all services and all users from a project
- Ensure compute firewall rule have logging enabled
- Ensure VPC Flow logs is enabled for every subnet in VPC Network
- GKE clusters logging should be enabled
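
What the first control looks for, as an added example (not the mod's own query). It assumes the project's IAM policy was exported with `gcloud projects get-iam-policy <project> --format=json`, and it assumes "configured properly" means the `allServices` entry enables ADMIN_READ, DATA_READ and DATA_WRITE and no audit config exempts any member. The function name and both sample policies are constructed for illustration.

```python
import json

# Assumption: these three log types must be on for every service.
REQUIRED_LOG_TYPES = {"ADMIN_READ", "DATA_READ", "DATA_WRITE"}


def audit_logging_findings(policy):
    """Return findings for an IAM policy dict; an empty list means it passes."""
    findings = []
    enabled_everywhere = set()
    for config in policy.get("auditConfigs", []):
        service = config.get("service", "<unknown>")
        for log_config in config.get("auditLogConfigs", []):
            log_type = log_config.get("logType", "<unknown>")
            if service == "allServices":
                enabled_everywhere.add(log_type)
            # Any exemption means some identity's access is not logged.
            exempt = log_config.get("exemptedMembers", [])
            if exempt:
                findings.append(
                    f"{service}/{log_type}: exempted members "
                    + ", ".join(sorted(exempt))
                )
    for missing in sorted(REQUIRED_LOG_TYPES - enabled_everywhere):
        findings.append(f"allServices/{missing}: not enabled")
    return findings


# Constructed sample: every log type on for all services, no exemptions.
COMPLIANT = json.loads("""
{"auditConfigs": [{"service": "allServices", "auditLogConfigs": [
    {"logType": "ADMIN_READ"},
    {"logType": "DATA_READ"},
    {"logType": "DATA_WRITE"}]}]}
""")

# Constructed sample: DATA_WRITE missing and one user exempted from DATA_READ.
NONCOMPLIANT = json.loads("""
{"auditConfigs": [{"service": "allServices", "auditLogConfigs": [
    {"logType": "ADMIN_READ"},
    {"logType": "DATA_READ", "exemptedMembers": ["user:auditor@example.com"]}]}]}
""")

if __name__ == "__main__":
    for name, policy in (("compliant", COMPLIANT), ("noncompliant", NONCOMPLIANT)):
        print(name, audit_logging_findings(policy) or "OK")
```

A policy with no `auditConfigs` key at all yields three "not enabled" findings, which is the state of a project where data access logging was never configured.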