Skip to content

Access Audits Management

Goal

Enable and manage access audits in BigQuery using PolicySync. This allows you to track and filter access events in detail.

Prerequisites for audit setup

Before you begin, ensure the following:

  • Privacera Manager is installed and the base installation operational.
  • The BigQuery connector is configured or currently being configured.

Configuration Steps

To enable access audits for BigQuery, update the following properties in the vars.connector.bigquery.yml file, located in the connector’s instance directory.

Property Details

CONNECTOR_BIGQUERY_AUDIT_ENABLE:

  • Set this property to true to enable access audit data fetching from BigQuery.
  • When enabled, PolicySync will collect access audit logs from the specified BigQuery project and dataset.

CONNECTOR_BIGQUERY_AUDIT_EXCLUDED_USERS:

  • This property is used to specify a list of users whose access audits should be excluded by PolicySync.
  • Provide a comma-separated list of email addresses for users whose access events should be excluded from the audit logs.

CONNECTOR_BIGQUERY_AUDIT_PROJECT_ID

  • Specify the project ID from which BigQuery audits should be retrieved.
  • This is the GCP project where the audit logs are stored and queried.

CONNECTOR_BIGQUERY_AUDIT_DATASET_NAME

  • Specify the dataset name that will be used to query and retrieve access audits from BigQuery.
  • This is the dataset within the project that contains the audit information.

Update Configuration File Modify the following property in the vars.connector.bigquery.yml file located in the connector’s instance directory.

Warning

The values shown below are for example purposes only. Replace them with your actual configuration values.

YAML
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
# Enable access audit fetching from BigQuery
CONNECTOR_BIGQUERY_AUDIT_ENABLE: "true"

# Set the list of users whose access audits should be ignored
CONNECTOR_BIGQUERY_AUDIT_EXCLUDED_USERS: "user1@example.com, user2@example.com"

# Set the project ID to fetch BigQuery audits
CONNECTOR_BIGQUERY_AUDIT_PROJECT_ID: "your-bigquery-project-id"

# Set the dataset name to fetch BigQuery audits
CONNECTOR_BIGQUERY_AUDIT_DATASET_NAME: "your-bigquery-dataset-name"
Save the file and update the privacera manager
Bash
1
2
cd ~/privacera/privacera-manager
./privacera-manager.sh update

  1. In PrivaceraCloud, go to Settings -> Applications.

  2. On the Applications screen, select BigQuery.

  3. Enter the application Name and Description. Click Save. Name could be any name of your choice. E.g. BigQuery Connector for account 123456.

  4. Open the BigQuery application.

  5. Enable the Access Management option with toggle button.

  6. Under the ADVANCED tab, enter the values for:

    • Ignore Audit for Users :
      Enter a comma-separated list of user email addresses to exclude from audit logs.

    • Project ID Used to Fetch BigQuery Audits :
      Enter the project ID where BigQuery audit logs are stored.

    • Dataset Used to Fetch BigQuery Audits :
      Enter the name of the dataset containing the audit data.

  7. Click SAVE.

    1. The configured BigQuery connector appears under Applications.

    2. Once saved and enabled, the BigQuery connector will start. Then you can hover on the VIEW LOGS button to check the status, either Running or Stopped.

Note

Text Only
1
Perform the following steps only if the connector does not reflect the updated configuration and requires a restart.

Restart The BigQuery Connector:

  1. Go to Settings > Applications > select the BigQuery connector application .

  2. Edit the application > Disable it > and Save it.

  3. Open the same application again and then: Enable it and Save it.

Comments