library
turbot/gcp_thrifty
- Detect & correct AlloyDB clusters exceeding max age
- Detect & correct long-running AlloyDB instances exceeding max age
- Detect & correct Compute addresses if unattached
- Detect & correct Compute disks attached to stopped instances
- Detect & correct Compute disks exceeding max size
- Detect & correct Compute disks if unattached
- Detect & correct Compute disks with low usage
- Detect & correct Compute engine instances exceeding max age
- Detect & correct Compute engine instances large
- Detect & correct Compute instances with low utilization
- Detect & correct Compute node groups without autoscaling
- Detect & correct Compute snapshots exceeding max age
- Detect & correct Dataproc clusters without autoscaling
- Detect & correct Kubernetes clusters exceeding max age
- Detect & correct GKE clusters without vertical pod autoscaling
- Detect & correct Logging Buckets with high retention period
- Detect & correct Redis instances exceeding max age
- Detect & correct SQL database instances exceeding max age
- Detect & correct SQL DB instances with low connection count
- Detect & correct SQL DB instances with low cpu utilization
- Detect & correct Storage buckets without lifecycle policies
- Detect & correct VPN gateways with no tunnels
Get Involved
Version
Detect & correct Logging buckets with high retention
Overview
Logging buckets can be costly to run, especially if they're rarely used, buckets with high retention periods should be reviewed to determine if they're still required.
This query trigger detects Logging buckets with high retention periods and then either sends a notification or attempts to perform a predefined corrective action.
Getting Started
By default, this trigger is disabled, however it can be configured by setting the below variables
logging_buckets_with_high_retention_trigger_enabled
should be set totrue
as the default isfalse
.logging_buckets_with_high_retention_trigger_schedule
should be set to your desired running schedulelogging_buckets_with_high_retention_default_action
should be set to your desired action (i.e."notify"
for notifications or"update_retention"
to update the retention period of the bucket).
Then starting the server:
flowpipe server
or if you've set the variables in a .fpvars
file:
flowpipe server --var-file=/path/to/your.fpvars
Query
select concat(name, ' [', location, '/', project, ']') as title, name as bucket_name, location, project, _ctx ->> 'connection_name' as credfrom gcp_logging_bucketwhere name != '_Required' and retention_days > 20;
Schedule
15m