Ensure Essential Contacts Configured For Organization
More Info:
Many Google Cloud services, such as Cloud Billing, send out notifications to share important information with Google Cloud users. By default, these notifications are sent to members with certain Identity and Access Management (IAM) roles. With Essential Contacts, you can customize who receives notifications by providing your own list of contacts.Risk Level
MediumAddress
Security, ReliabilityCompliance Standards
CISGCP, CBPTriage and Remediation
Remediation
Using Console
Using Console
To remediate the misconfiguration “Ensure Essential Contacts Configured For Organization” for GCP using GCP console, follow the steps given below:
- Login to GCP console using your credentials.
- Go to the Navigation menu and select “IAM & Admin”.
- Click on “Settings” from the left-hand side menu.
- Scroll down to the “Essential Contacts” section and click on “Configure”.
- Click on “Add contact” and enter the email address of the contact person.
- Select the contact type from the dropdown menu.
- Click on “Add” to save the contact details.
- Repeat steps 5 to 7 to add more contacts if required.
- Once you have added all the essential contacts, click on “Save” to save the changes.
Using CLI
Using CLI
To remediate the misconfiguration “Ensure Essential Contacts Configured For Organization” for GCP using GCP CLI, you can follow the below steps:
- Open the GCP Cloud Shell by clicking on the Activate Cloud Shell button on the top of the GCP Console.
-
Run the following command to list all the organizations in your GCP account:
- Note down the organization ID of the organization for which you want to ensure essential contacts are configured.
-
Run the following command to ensure essential contacts are configured for the organization:
Replace
<ORGANIZATION_ID>with the organization ID you noted down in step 3 and<EMAIL_ADDRESS>with the email address of the essential contact(s) you want to configure. Note: You can configure multiple email addresses separated by commas. -
Verify that the essential contact(s) have been configured for the organization by running the following command:
This command will output the email address(es) of the essential contact(s) configured for the organization.
Using Python
Using Python
To remediate the “Ensure Essential Contacts Configured For Organization” misconfiguration for GCP using Python, you can follow these steps:Note: Replace
- Import the necessary libraries:
- Set up authentication using a service account:
- Create a client object for the Organizations API:
- Get the current organization:
- Check if essential contacts are configured:
- If essential contacts are not configured, configure them:
your_org_id, project_id, topic_name, and org_id with the appropriate values for your organization. Also, make sure the service account has the necessary permissions to update organization settings.