Syntax
A google_logging_project_exclusion
is used to test a Google ProjectExclusion resource
Examples
describe google_logging_project_exclusion(project: 'chef-gcp-inspec', name: 'inspec-project-exclusion') do
it { should exist }
its('description'){ should cmp 'My project exclusion description' }
its('filter'){ should cmp 'resource.type = gce_instance AND severity <= DEBUG' }
end
describe google_logging_project_exclusion(project: 'chef-gcp-inspec', name: 'nonexistent') do
it { should_not exist }
end
Test that a GCP project logging exclusion name is as expected
describe google_logging_project_exclusion(project: 'chef-inspec-gcp', exclusion: 'exclusion-name-abcd') do
its('name') { should eq 'exclusion-name-abcd' }
end
Test that a GCP project logging exclusion filter is set correctly
describe google_logging_project_exclusion(project: 'chef-inspec-gcp', exclusion: 'exclusion-name-abcd') do
its('filter') { should eq 'resource.type = gce_instance AND severity <= DEBUG' }
end
Test that a GCP project logging exclusion description is as expected
describe google_logging_project_exclusion(project: 'chef-inspec-gcp', exclusion: 'exclusion-name-abcd') do
its('description') { should eq 'Exclude GCE instance debug logs' }
end
Properties
Properties that can be accessed from the google_logging_project_exclusion
resource:
project
: Id of the project that this exclusion applies to.name
: Name of the exclusion, specified by the server during create.description
: A user provided description of this exclusion.filter
: An advanced logs filter. The only exported log entries are those that are in the resource owning the sink and that match the filter.disabled
: If set to true then this exclusion is disabled and it does not exclude any log entries.
GCP Permissions
Ensure the Stackdriver Logging API is enabled for the current project.