turbot/steampipe-mod-gcp-compliance

Benchmark: 10.5 Secure audit trails so they cannot be altered

Description

GCP Customers are responsible for setting permissions and access controls for audit logs. Identity Access Management (IAM) can be used to set permissions for accounts with access to online and offline log storage locations. Customers are responsible to log and monitor their GCE and GKE systems and instances in alignment with PCI DSS requirements.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-gcp-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 10.5 Secure audit trails so they cannot be altered.

Run this benchmark in your terminal:

powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_10_5

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run gcp_compliance.benchmark.pci_dss_v321_requirement_10_5 --share

Controls

Tags