<TOPIC_NAME>
with the name of the Pub/Sub topic you want to enable audit logging for.policy.json
file with the following content:
<USER_EMAIL>
with the email address of the user who should have the pubsub.publisher
role.<PERIMETER_NAME>
with a name for the perimeter and <PROJECT_ID>
with your GCP project ID.<TOPIC_NAME>
with the name of the Pub/Sub topic you want to enable encryption for, <PROJECT_ID>
with your GCP project ID, <KEY_RING_NAME>
with the name of the key ring, and <CRYPTO_KEY_NAME>
with the name of the crypto key.google-cloud-securitycenter
library to enable VPC Service Controls for your project.google-cloud-pubsub
library to implement access controls for your Pub/Sub topics and subscriptions.google-cloud-monitoring
library to monitor Pub/Sub activity and set up alerts for any suspicious events.google-cloud-securitycenter
, google-cloud-pubsub
, google-cloud-monitoring
) using pip before running these scripts.