HansMarcus01 opened a new pull request, #39116:
URL: https://github.com/apache/beam/pull/39116

   This pull request introduces automation for auditing and verifying Google 
Cloud service accounts that haven't been rotated using GitHub Actions.
   
   It adds a new workflow that detects keys generated outside the rotation 
system, updates the documentation to reflect this automation, and manages it 
through a GitHub Action to reflect the current status of the keys.
   
   These changes help ensure the rotation system is being used, which helps 
maintain a clean and secure environment.
   
   ## Automation and Workflow Integration:
   
   - **Daily Scheduled Audit**: Added 
(`.github/workflows/beam_Infraestructure_AuditUnmanagedKeys.yml`), a new GitHub 
Action workflow scheduled to run daily to continuously monitor GCP service 
account keys.
   
   ## Documentation Updates:
   
   - **GitHub Actions Integration**: Updated the README.md to document the new 
Unmanaged Keys Audit workflow and its daily scheduling.
   - **Account Keys Features**: Added detailed descriptions of the new 
capabilities, including Unmanaged Key Detection, Stateful Security Alerts, and 
Self-Healing Resolution.
   - **Announce Action Behavior**: Clarified how the `--action announce` flag 
handles general configuration errors versus critical security alerts (rogue 
keys).
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
