Using Console
Using CLI
[BUCKET_NAME]
with the name of the GCS bucket where you want to store the logs, [ORGANIZATION_ID]
with the ID of your GCP organization, and [PROJECT_ID]
with the ID of the GCP project where you want to enable the firewall log exports.Logs Writer
role to the [email protected]
service account:[PROJECT_ID]
with the ID of the GCP project where you enabled the firewall log exports.[email protected]
service account:allow-cloud-logs
tag to the instances where you want to allow traffic from the [email protected]
service account:[INSTANCE_NAME]
with the name of the instance where you want to allow traffic from the [email protected]
service account, and [ZONE]
with the zone where the instance is located.By following these steps, you will enable firewall log exports and allow the [email protected]
service account to access the logs.Using Python