Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New SecOps anonymization pipeline #2794

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

New SecOps anonymization pipeline #2794

wants to merge 2 commits into from

Conversation

simonebruzzechesse
Copy link
Collaborator

I applicable, I acknowledge that I have:

  • Read the contributing guide
  • Ran terraform fmt on all modified files
  • Regenerated the relevant README.md files using tools/tfdoc.py
  • Made sure all relevant tests pass

@simonebruzzechesse simonebruzzechesse force-pushed the bruzz/secops-anonymization branch from 14f3ded to 8e6795c Compare January 2, 2025 11:54
rosmo
rosmo reviewed Jan 7, 2025
View reviewed changes
blueprints/secops/secops-anonymization-pipeline/source/main.py
BUCKET = SECOPS_OUTPUT_BUCKET if not SKIP_ANONYMIZATION else SECOPS_EXPORT_BUCKET
bucket = storage_client.bucket(BUCKET)
export_ids = utils.get_secops_export_folders_for_date(BUCKET, export_date)
backstory_credentials = service_account.Credentials.from_service_account_file(
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be better to do SA impersonation?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be great but that is a "google managed" SA shared with the customer so the customer cannot update IAM bindings on that SA on his own

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P4SA? Well, that sucks...

@simonebruzzechesse simonebruzzechesse force-pushed the bruzz/secops-anonymization branch 2 times, most recently from 399ffa3 to ce431a6 Compare January 8, 2025 08:20
@simonebruzzechesse simonebruzzechesse force-pushed the bruzz/secops-anonymization branch from ce431a6 to 44bb380 Compare January 10, 2025 16:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rosmo rosmo rosmo left review comments

@drebes drebes drebes left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
on:blueprints
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@simonebruzzechesse @drebes @rosmo