We have a lot of user managed SA keys with a set expiry date & we want to get the notification of expiry keys via email & would like to receive a notification of service account keys expiration days before they do expire.
Asked
Active
Viewed 517 times
1
-
You will need to write that feature (Cloud Schedule + Cloud Functions). AFAIK there is no reporting/monitoring/messaging API on key expiration. – John Hanley Jun 15 '22 at 18:01
-
This should really be an enhancement request. – user1074593 Jul 24 '23 at 02:32
1 Answers
2
This looks like a job for "Cloud Run".
I'd implement this as a daily cloud run job that parses service accounts once a day looking for the expiry and acting accordingly, emailing, or publishing to pubsub or some such thing.
https://cloud.google.com/run/docs/triggering/using-scheduler.
My goto language is python, and that would be trivial, but you can whip this up in an array of languages.
David Thornton
- 31
- 2