You need detailed visibility into IAM policy changes, user activity, service account usage, and access to sensitive projects in your Google Cloud environment. What is the recommended approach?

Exam-Like

Configure Google Cloud Functions to be triggered by changes to IAM policies. Analyze changes by using the policy simulator, send alerts upon risky modifications, and store event details.

Enable the metrics explorer in Cloud Monitoring to follow the service account authentication events and build alerts linked on it.

Use Cloud Audit Logs. Create log export sinks to send these logs to a security information and event management (SIEM) solution for correlation with other event sources.

Deploy the OS Config Management agent to your VMs. Use OS Config Management to create patch management jobs and monitor system modifications.

Google Professional Cloud Security Engineer

Get started today

Comments

You need detailed visibility into IAM policy changes, user activity, service account usage, and access to sensitive projects in your Google Cloud environment. What is the recommended approach?