| title | platform |
|---|---|
About the google_project_metrics Resource |
gcp |
Use the google_project_metrics InSpec audit resource to test properties of all, or a filtered group of, GCP project metrics.
A google_project_metrics resource block collects GCP project logging sinks by project then tests that group.
describe google_project_metrics(project: 'chef-inspec-gcp') do
it { should exist }
end
Use this InSpec resource to enumerate IDs then test in-depth using google_project_metric.
google_project_metrics(project: 'chef-inspec-gcp').sink_names.each do |metric_name|
describe google_project_metric(project: 'chef-inspec-gcp', metric: metric_name) do
it { should exist }
end
end
The following examples show how to use this InSpec audit resource.
describe google_project_metrics(project: 'chef-inspec-gcp') do
its('count') { should be <= 100}
end
describe google_project_metrics(project: 'chef-inspec-gcp') do
its('metric_names') { should include "metric-name" }
end
google_project_metrics(project: 'chef-inspec-gcp').where(metric_name: /project/).metric_names.each do |metric_name|
describe google_project_metric(project: 'chef-inspec-gcp', metric: metric_name) do
its('filter') { should eq "(protoPayload.serviceName=\"cloudresourcemanager.googleapis.com\")" }
end
end
This resource supports the following filter criteria: metric_name; metric_type and metric_filter. Either of these may be used with where, as a block or as a method.
metric_names- an array of google_project_metric name stringsmetric_filters- an array of google_project_metric filter stringsmetric_types- an array of google_project_metric type strings
Ensure the Stackdriver Logging API is enabled for the project.