GCP Execution Modes

pull

Pull mode execution of a policy.

Queries resources from the cloud provider for filtering and actions.

properties:
  type:
    enum:
    - pull
required:
- type

gcp-audit

Custodian policy execution on GCP API audit log events.

Deploys as a Cloud Function triggered by API calls. This allows you to apply your policies as soon as an API call occurs. Audit Logs creates an event for every API call that occurs in your GCP account. See GCP Audit Logs for more details.

The function is deployed to us-central1 by default. To change that, use the CLI --region flag.

properties:
  environment:
    patternProperties:
      ? ''
      : type: string
    type: object
  execution-options:
    patternProperties:
      ? ''
      : oneOf:
        - type: string
        - type: boolean
        - type: number
    type: object
  labels:
    patternProperties:
      ? ''
      : type: string
    type: object
  max-instances:
    type: integer
  memory-size:
    type: integer
  methods:
    items:
      type: string
    type: array
  network:
    type: string
  service-account:
    type: string
  timeout:
    type: string
  type:
    enum:
    - gcp-audit
required:
- methods
- type

gcp-periodic

Deploys a policy as a Cloud Function triggered by Cloud Scheduler at a user-defined cron interval via Pub/Sub.

The function is deployed to us-central1 by default. To change that, use the CLI --region flag.

properties:
  environment:
    patternProperties:
      ? ''
      : type: string
    type: object
  execution-options:
    patternProperties:
      ? ''
      : oneOf:
        - type: string
        - type: boolean
        - type: number
    type: object
  labels:
    patternProperties:
      ? ''
      : type: string
    type: object
  max-instances:
    type: integer
  memory-size:
    type: integer
  network:
    type: string
  schedule:
    type: string
  service-account:
    type: string
  timeout:
    type: string
  trigger-type:
    enum:
    - http
    - pubsub
  type:
    enum:
    - gcp-periodic
  tz:
    type: string
required:
- schedule
- type
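
The three schemas above can be checked mechanically before a policy is deployed. The following is an added example, not Custodian's own validator: MODES is transcribed from the schemas on this page, while lint_mode, _ok and the sample blocks are hypothetical names and constructed data.

```python
# Added example: lint a Custodian GCP `mode` block against the schemas listed above.
# Kinds: "str", "int", "scalar", "map:<kind>", "list:<kind>", or a list of enum values.
COMMON = {
    "environment": "map:str", "execution-options": "map:scalar", "labels": "map:str",
    "max-instances": "int", "memory-size": "int", "network": "str",
    "service-account": "str", "timeout": "str",
}
MODES = {
    "pull": {"required": ["type"], "props": {}},
    "gcp-audit": {"required": ["methods", "type"],
                  "props": {**COMMON, "methods": "list:str"}},
    "gcp-periodic": {"required": ["schedule", "type"],
                     "props": {**COMMON, "schedule": "str", "tz": "str",
                               "trigger-type": ["http", "pubsub"]}},
}

def _ok(kind, value):
    """True if value matches one property kind from the tables above."""
    if isinstance(kind, list):  # enum
        return value in kind
    if kind == "str":
        return isinstance(value, str)
    if kind == "int":  # JSON Schema integers exclude booleans; Python's int does not
        return isinstance(value, int) and not isinstance(value, bool)
    if kind == "scalar":  # string, boolean or number
        return isinstance(value, (str, bool, int, float))
    outer, inner = kind.split(":")
    if outer == "map":
        return isinstance(value, dict) and all(_ok(inner, v) for v in value.values())
    return isinstance(value, list) and all(_ok(inner, v) for v in value)

def lint_mode(mode):
    """Return a list of problems for one `mode` block; an empty list means it conforms."""
    mode_type = mode.get("type")
    schema = MODES.get(mode_type) if isinstance(mode_type, str) else None
    if schema is None:
        return [f"type: {mode_type!r} is not one of {sorted(MODES)}"]
    problems = [f"{key}: required" for key in schema["required"] if key not in mode]
    # Keys the schema does not list are skipped: the schemas shown do not forbid them.
    problems += [f"{key}: wrong type or value" for key, value in mode.items()
                 if key in schema["props"] and not _ok(schema["props"][key], value)]
    return problems

if __name__ == "__main__":
    # Constructed sample blocks: one missing `methods`, one with a bad trigger-type.
    for sample in ({"type": "gcp-audit", "labels": {"team": "sec"}},
                   {"type": "gcp-periodic", "schedule": "0 * * * *", "trigger-type": "cron"}):
        print(sample["type"], lint_mode(sample))
```
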