[PROJECT_ID]
with your GCP project ID, [NETWORK_NAME]
with the name of your VPC network, and [IP_RANGE]
with the IP range of your VPC network.[PROJECT_ID]
with your GCP project ID, [MEMBER]
with the email address or service account of the user, and [ROLE]
with the desired IAM role.[SINK_NAME]
with a name for your logging sink, and [BUCKET_NAME]
with the name of the Cloud Storage bucket where you want to store the logs.google-cloud-securitycenter
library to enable VPC Service Controls for CloudSpanner.update_organization_settings
method to update the organization settings and enable VPC Service Controls.google-cloud-iam
library to implement IAM roles and permissions for CloudSpanner.set_iam_policy
method to set the IAM policy for a CloudSpanner instance or database.google-cloud-logging
library to implement audit logging for CloudSpanner.write_log_entries
method to write audit logs to Cloud Logging.{organization_id}
, {project_id}
, {instance_id}
, {database_id}
, {log_name}
, and [email protected]
with the appropriate values specific to your GCP environment.