0

Is there a way to list/get the owner(creator) of all the resource under a project ? I have already looked at the answers here and tried the cloud assets api gcloud asset search-all-resources --scope=projects/123 but this doesn't list the creator of each resource. I have also referred to the searching resources samples queries here but again this doesn't suffice my needs.

Ideally I need the following, for example -
asset type -storage bucket
resource name - test_bucket
owner/creator/user - user123@org1.com or test@gservice_account.com
created - 02-02-2018

same for other asset types like compute instance, BigQuery datasets etc.

Has anyone ever tried this ?

analyst045
  • 628
  • 7
  • 21
  • Why do you want to know the creator of the resource? You can have this information in the system logs, but they are deleted after 400 days. – guillaume blaquiere Feb 21 '22 at 16:12
  • @guillaumeblaquiere - as you would have probably come across - we have lots of ghost resources which are costing $ but no one knows why and who created them in the first place and if we can turn them off without having an impact . in short bad practices of past haunting the present – analyst045 Feb 21 '22 at 23:12
  • Sadly, if the past is longer than 400 days, it's impossible to know the creator. You have to try, investigate, make some mistakes,... hard time ahead. – guillaume blaquiere Feb 22 '22 at 12:18
  • I would suggest using the stackdriver to filter and explore the past audit logs. And if you want to prevent this in the future, I would propose having a datastore document or a small database to store user info filtered from logs, regarding the components. – Rajeev Tirumalasetty Feb 22 '22 at 12:35

1 Answers1

2

What you are looking for is the Audit logs.

As mentioned in docs:

Google Cloud services write audit logs that record administrative activities and accesses within your Google Cloud resources. Audit logs help you answer "who did what, where, and when?" within your Google Cloud resources with the same level of transparency as in on-premises environments

Also,

  • Here, you can find a list of all services that produces audit-logs.
  • Take a look here on the Best practices and things to be taken into consideration while working with audit-logs.
Atef Hares
  • 4,715
  • 3
  • 29
  • 61