ram

module
v0.0.17-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 31, 2020 License: Apache-2.0

README

RAM Real-time Asset Monitor

What

Audit Google Cloud resources (the assets) compliance against a set of rules when the resource is updated. The stream of detected non compliances could then be consumed to alert, report or even fix on the fly.

Use cases
  1. Security compliance, usually 80% of the rules
  2. Operational compliance
    • E.g. each Cloud SQL MySQL instance should have a defined maintenance window to avoid downtime
  3. Financial Operations (finOps) compliance
    • E.g. Do not provision anymore N1 virtual machines instances, instead provision N2: the price performance ratio is better

Why

  • It is all easier to fix when it is detected early
  • Value is delivered only when a detected non compliance is fixed

Documentation

Directories

Path Synopsis
services
dumpinventory
Package dumpinventory request CAI to perform an export Triggered by Cloud Scheduler Job, through PubSub messages.
Package dumpinventory request CAI to perform an export Triggered by Cloud Scheduler Job, through PubSub messages.
getgroupsettings
Package getgroupsettings retreives the settings of one group from `Groups Settings API` Triggered by PubSub messages from the GCI groups topic.
Package getgroupsettings retreives the settings of one group from `Groups Settings API` Triggered by PubSub messages from the GCI groups topic.
listgroupmembers
Package listgroupmembers extract all members from a group in GCI directory using the Admin SDK API Triggered by PubSub messages from the GCI groups topic.
Package listgroupmembers extract all members from a group in GCI directory using the Admin SDK API Triggered by PubSub messages from the GCI groups topic.
listgroups
Package listgroups extract all groups from a GCI directory using the Admin SDK API Triggered by Cloud Scheduler Job, through PubSub messages.
Package listgroups extract all groups from a GCI directory using the Admin SDK API Triggered by Cloud Scheduler Job, through PubSub messages.
monitorcompliance
Package monitorcompliance check asset compliance Triggered by Resource or IAM policies assets feed messages in PubSub topics.
Package monitorcompliance check asset compliance Triggered by Resource or IAM policies assets feed messages in PubSub topics.
publish2fs
Package publish2fs publish assets resource feeds as FireStore documents It manages creation, updates and delete.
Package publish2fs publish assets resource feeds as FireStore documents It manages creation, updates and delete.
splitdump
Package splitdump nibble large CAI dumps into PubSub asset feed messages One dump line = one PubSub message.
Package splitdump nibble large CAI dumps into PubSub asset feed messages One dump line = one PubSub message.
stream2bq
Package stream2bq streams PubSub message into BigQuery tables It can stream into 3 RAM tables: 1) assets 2) compliance states 3) violations.
Package stream2bq streams PubSub message into BigQuery tables It can stream into 3 RAM tables: 1) assets 2) compliance states 3) violations.
upload2gcs
Package upload2gcs stores feeds as JSON files in a GCS bucket Manage file creation (with override) and deletion.
Package upload2gcs stores feeds as JSON files in a GCS bucket Manage file creation (with override) and deletion.
utilities
ram
Package ram avoid code redundancy by grouping types and functions used by other ram packages
Package ram avoid code redundancy by grouping types and functions used by other ram packages

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL