GCP Modes

Custodian can run in several modes, with pull mode being the default.

  • pull:

    Default mode. The policy runs locally, wherever Custodian is run.

    properties:
      type:
        enum:
        - pull
    required:
    - type
    
  • gcp-periodic:

    Runs in GCP Functions, triggered by Cloud Scheduler at a user-defined cron interval. By default the function is deployed to the us-central1 region. To change that, use the CLI --region flag.

    properties:
      environment:
        type: object
      execution-options:
        type: object
      labels:
        type: object
      max-instances:
        type: integer
      memory-size:
        type: integer
      network:
        type: string
      schedule:
        type: string
      service-account:
        type: string
      timeout:
        type: string
      trigger-type:
        enum:
        - http
        - pubsub
      type:
        enum:
        - gcp-periodic
      tz:
        type: string
    required:
    - schedule
    - type
    
  • gcp-audit:

    Runs in GCP Functions, triggered by Audit Logs. This allows you to apply your policies as soon as events occur. Audit Logs creates an event for every API call that occurs in your GCP account. See GCP Audit Logs for more details. By default the function is deployed to the us-central1 region. To change that, use the CLI --region flag.

    properties:
      environment:
        type: object
      execution-options:
        type: object
      labels:
        type: object
      max-instances:
        type: integer
      memory-size:
        type: integer
      methods:
        items:
          type: string
        type: array
      network:
        type: string
      service-account:
        type: string
      timeout:
        type: string
      type:
        enum:
        - gcp-audit
    required:
    - methods
    - type
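The three schemas above can be checked before a policy is deployed. The following is an added example, not Custodian's own validation code: it transcribes the property listings from this page and reports missing required keys, wrong types and bad enum values in a mode block. The names check_mode, COMMON, MODES and PY_TYPES are hypothetical, the sample block is constructed, and keys this page does not list are ignored rather than rejected.

```python
# Added example: a pre-deployment lint for policy "mode" blocks.
# The tables below are transcribed from the property listings on this page.
COMMON = {
    "environment": "object", "execution-options": "object", "labels": "object",
    "max-instances": "integer", "memory-size": "integer", "network": "string",
    "service-account": "string", "timeout": "string",
}
MODES = {
    "pull": {"props": {}, "required": ["type"]},
    "gcp-periodic": {
        "props": {**COMMON, "schedule": "string", "tz": "string",
                  "trigger-type": ["http", "pubsub"]},  # a list means enum
        "required": ["schedule", "type"],
    },
    "gcp-audit": {
        "props": {**COMMON, "methods": "array"},
        "required": ["methods", "type"],
    },
}
PY_TYPES = {"object": dict, "integer": int, "string": str, "array": list}


def check_mode(mode):
    """Return a list of problems; an empty list means the block passes."""
    mtype = mode.get("type")
    if not isinstance(mtype, str) or mtype not in MODES:
        return [f"type: expected one of {sorted(MODES)}, got {mtype!r}"]
    spec = MODES[mtype]
    errors = [f"{key}: required for {mtype}"
              for key in spec["required"] if key not in mode]
    for key, value in mode.items():
        rule = spec["props"].get(key)
        if rule is None:
            continue  # "type" itself, or a key this page does not list
        if isinstance(rule, list):
            if value not in rule:
                errors.append(f"{key}: must be one of {rule}")
        elif isinstance(value, bool) or not isinstance(value, PY_TYPES[rule]):
            errors.append(f"{key}: expected {rule}")  # bool is not an integer
        elif key == "methods" and not all(isinstance(m, str) for m in value):
            errors.append("methods: every item must be a string")
    return errors


if __name__ == "__main__":
    # Constructed sample: an audit-mode block with two mistakes.
    bad = {"type": "gcp-audit", "memory-size": "512"}
    for problem in check_mode(bad):
        print(problem)
```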