LogPush for Google Cloud Storage (GCS)

Overview

Our services will periodically push audit logs to customer-managed GCS bucket. Authentication and authorization are securely handled by GCP IAM service.

Steps

To enable this feature, please contact your assigned Customer Engineer (CE) or support team to obtain the specific instruction. Below is a high level overview of the steps.

• Sourcegraph provides below information to customer:
  • email of a Sourcegraph-owned GCP Service Account (GSA)
  • a unique file to prove bucket ownership
• Customer to perform the following:
  • creates a GCS bucket
  • grants the Sourcegraph-owned GSA sufficient IAM roles to access the bucket
  • uploads the ownership file to prove bucket ownership
• Customer to inform Sourcegraph of the bucket name

Once completed, Sourcegraph will complete the LogPush configuration and start sending logs to the customer-managed GCS bucket.