Skip to content

edyw/gcp-resource-validator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
policy-library
policy-library
 
 
test-asset
test-asset
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
validator.go
validator.go
 
 

Repository files navigation

GCP Resource Validator

This is a sample for GCP resource validation service evaluating asset from Cloud Asset Inventory Feed. The service use Config Validator and Policy Library.

Quick start

If you don't have Go installed, download here and follow installation instructions.

Step by step guide

  1. Clone this repository and download dependencies:

    git clone https://github.com/edyw/gcp-resource-validator.git
go mod download

  2. Run the server:

    go run gcp-resource-validator

    You should see this from the server last line:

    ...
[GIN-debug] Listening and serving HTTP on :8080

  3. Simulate PubSub Push Subscription message using curl. Use another terminal:

    curl -X POST localhost:8080/validator -d @./test-asset/storage_location_us_msg.json

    You should this output from first terminal:

    Validating asset: //storage.googleapis.com/bucket-test-1
Violation 1 (high-GCPStorageLocationConstraintV1.allow_some_storage_location): //storage.googleapis.com/bucket-test-1 is in a disallowed location.

Full article

Design reference, GCP deployment with CAI Feed, Pub/Sub and Cloud Run, and step by step guide on the code: Evaluating your GCP Resource realtime

About

Example of GCP Resource Validator service from CAI Feed

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages