Cloud custodian GCP storage enable versioning check for all storage

Question

i am trying to write GCP storage bucket policy of Cloud custodian but not getting idea how to filter out the versioning on all avilable buckets

policies:
  - name: check-all-bucket-versioning
    description: |
      Check all bucket versionig enabled
    resource: gcp.bucket
    filters:
      - type: value
        key: versioning
        value: true
    actions:

any help would be really helpful..!

thanks

score 0 · Accepted Answer · answered Feb 25 '22 at 04:24

Your example policy is very close. It is failing because the value for versioning is an object rather than a string. When versioning is enabled for a bucket, the versioning value will be {"enabled": True}. We can filter for that by using versioning.enabled as the key:

policies:
  - name: check-all-bucket-versioning
    resource: gcp.bucket
    filters:
      - type: value
        key: versioning.enabled
        value: true

Cloud custodian GCP storage enable versioning check for all storage

1 Answers1