terraform-example-foundation icon indicating copy to clipboard operation
terraform-example-foundation copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

remove `data_access_logs_enabled`

Open eeaton opened this issue 1 year ago • 1 comments

TL;DR

There is no practical recommendation to use data_access_logs_enabled in any realistic scenario. I suggest we remove it.

An earlier version implemented this variable by default and rolled it back when customers were unhappy with the surprise large bill caused by data access logs; it was later switched to false by default and requires explicit enablement. However, my argument is that this variable has no use because we would never recommend turning on all data access logs for all services, it generates an enormous amount of noise and cost. The choice to enable data_access_logs should be based on the requirements of specific workloads, in the context of data sensitivity and regulatory requirements. (not a foundation-wide control)

Terraform Resources

Remove all references to [`data_access_logs_enabled`](https://github.com/search?q=repo%3Aterraform-google-modules%2Fterraform-example-foundation+data_access_logs_enabled&type=code)

Detailed design

No response

Additional information

No response

eeaton avatar Jul 01 '24 15:07 eeaton

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions[bot] avatar Aug 30 '24 23:08 github-actions[bot]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions[bot] avatar Nov 01 '24 23:11 github-actions[bot]