More Info:

Ensure publish throughput capacity is between 4 and 16

Risk Level

Low

Address

Operational Maturity, Reliability

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console

To remediate the “Publish Throughput Capacity Should Be Between 4 and 16” misconfiguration in GCP using the GCP console, follow these steps:
  1. Log in to the GCP console (console.cloud.google.com).
  2. Navigate to the Pub/Sub section by clicking on the hamburger menu on the top left corner and selecting “Pub/Sub” under the “Big Data” section.
  3. Click on the name of the topic for which you want to remediate the misconfiguration.
  4. Click on the “Edit” button on the top of the page.
  5. In the “Publish throughput capacity” section, select a value between 4 and 16.
  6. Click on the “Save” button to apply the changes.
Once you have completed these steps, the misconfiguration should be remediated, and the publish throughput capacity of the topic should be within the recommended range.

To remediate the “Publish Throughput Capacity Should Be Between 4 and 16” misconfiguration on GCP using GCP CLI, follow these steps:
  1. Open the Cloud Shell in the GCP Console.
  2. Run the following command to set the maximum publish throughput for the Pub/Sub topic to 16: 
    gcloud pubsub topics update TOPIC_NAME --update-attribute=maximumPublishThroughput=16
    Replace TOPIC_NAME with the name of the Pub/Sub topic that needs to be remediated.
  3. Verify that the maximum publish throughput has been set to 16 by running the following command: 
    gcloud pubsub topics describe TOPIC_NAME --format="get(messageStoragePolicy.maximumPublishThroughput)"
    Replace TOPIC_NAME with the name of the Pub/Sub topic that was remediated. The output of the command should be 16.
  4. If the maximum publish throughput needs to be set to a value between 4 and 16, run the following command instead: 
    gcloud pubsub topics update TOPIC_NAME --update-attribute=maximumPublishThroughput=VALUE
    Replace TOPIC_NAME with the name of the Pub/Sub topic that needs to be remediated, and replace VALUE with the desired maximum publish throughput value between 4 and 16. Verify that the maximum publish throughput has been set to the desired value by running the command in step 3 again.
To remediate the “Publish Throughput Capacity Should Be Between 4 and 16” misconfiguration in GCP using Python, you can follow these steps:
  1. Install the Google Cloud Pub/Sub client library for Python using the following command:
pip install google-cloud-pubsub
  1. Authenticate the client by setting the environment variable GOOGLE_APPLICATION_CREDENTIALS to the path of your service account key file:
export GOOGLE_APPLICATION_CREDENTIALS=/path/to/service_account_key.json
  1. Use the google.cloud.pubsub_v1.PublisherClient class to get the current throughput capacity of the topic:
from google.cloud import pubsub_v1

project_id = "your-project-id"
topic_name = "your-topic-name"

publisher = pubsub_v1.PublisherClient()
topic_path = publisher.topic_path(project_id, topic_name)

topic = publisher.get_topic(topic_path)
current_throughput = topic.publish_throughput_quota
  1. If the current throughput capacity is outside the desired range of 4 to 16, update the topic’s throughput capacity using the google.cloud.pubsub_v1.types.UpdateTopicRequest class:
from google.cloud.pubsub_v1.types import UpdateTopicRequest

if current_throughput < 4 or current_throughput > 16:
    new_throughput = max(4, min(16, current_throughput))
    update_request = UpdateTopicRequest(
        topic=topic_path,
        topic_pb=pubsub_v1.types.Topic(
            name=topic_path,
            publish_throughput_quota=new_throughput
        ),
        update_mask=pubsub_v1.types.FieldMask(
            paths=["publish_throughput_quota"]
        )
    )
    publisher.update_topic(update_request)
This will update the topic’s throughput capacity to the nearest value within the range of 4 to 16.