
gcp-k8s-strackdriver-logs-off

Ensure Stackdriver Logging is set to Enabled on Kubernetes Engine Clusters

Enabling Stackdriver Logging on your GKE cluster is highly recommended: it integrates the cluster more closely with Google Cloud and makes available many powerful features that are useful for security auditing.

Examples

Insecure Example

resource "google_container_cluster" "k8s-cluster" {
  name     = "my-gke"
  location = "us-central1"

  initial_node_count = 1

  network    = google_compute_network.vpc.name
  subnetwork = google_compute_subnetwork.subnet.name

  logging_service = "logging.googleapis.com" # Legacy logging
}

Secure Example

resource "google_container_cluster" "k8s-cluster" {
  name     = "my-gke"
  location = "us-central1"

  initial_node_count = 1

  network    = google_compute_network.vpc.name
  subnetwork = google_compute_subnetwork.subnet.name

  logging_service = "logging.googleapis.com/kubernetes"
}
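To apply this check across a whole plan rather than a single file, the following added example (not part of the original page or of the tool's own code) walks the JSON produced by `terraform show -json` and classifies each `google_container_cluster` by its `logging_service` value. The sample plan, the resource addresses and the `pass`/`fail`/`review` status names are constructed for illustration.

```python
import json

SECURE = "logging.googleapis.com/kubernetes"  # value from the page's secure example

# Constructed sample shaped like `terraform show -json` output (planned_values).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "google_container_cluster.legacy", "type": "google_container_cluster",
     "values": {"name": "my-gke", "logging_service": "logging.googleapis.com"}},
    {"address": "google_compute_network.vpc", "type": "google_compute_network",
     "values": {"name": "vpc"}}
  ],
  "child_modules": [{"address": "module.prod", "resources": [
    {"address": "module.prod.google_container_cluster.ok", "type": "google_container_cluster",
     "values": {"name": "prod", "logging_service": "logging.googleapis.com/kubernetes"}},
    {"address": "module.prod.google_container_cluster.off", "type": "google_container_cluster",
     "values": {"name": "dev", "logging_service": "none"}},
    {"address": "module.prod.google_container_cluster.unset", "type": "google_container_cluster",
     "values": {"name": "tmp"}}
  ]}]
}}}
""")

def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def check_logging(plan):
    """Return {address: (status, value)} for each google_container_cluster."""
    results = {}
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "google_container_cluster":
            continue
        value = (res.get("values") or {}).get("logging_service")
        if value == SECURE:
            status = "pass"
        elif value is None:
            status = "review"  # not set in the plan; confirm what the provider applies
        else:
            status = "fail"    # legacy endpoint, "none", or any other value
        results[res["address"]] = (status, value)
    return results

if __name__ == "__main__":
    for address, (status, value) in sorted(check_logging(SAMPLE_PLAN).items()):
        print(f"{status:6} {address} logging_service={value!r}")
```

Reading the plan JSON instead of the `.tf` source means clusters declared inside child modules are checked as well.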

More information