Product logo
DocsHubBlogPricing
On this page
Get Involved
Edit on GitHub

Enable Automatic Enforcement

In this guide we’ll show how you can enable Guardrails to act autonomously. For large cloud footprints, it is often desirable to have Guardrails take automated actions based on your organization's compliance and security posture. Guardrails' controls can take a number of different automated enforcement actions, including deleting resources, changing the configuration of a resource, and tagging a resource.

This is the last guide in the Getting started with GCP series.

Prerequisites:

  • Completion of the previous guides in this series.
  • Access to the Guardrails console with administrative privileges.
Note

In the previous guide we showed how to add the single permission that enables you to take a Quick Action on GCP bucket access control. This guide also requires that permission.

Step 1: Open the Policy Pack

In the guide titled Enable your First Policy Pack you enabled Enforce Uniform Access Is Enabled for GCP Storage Buckets. Select Policies from the top-level navigation bar, then choose that Policy Pack from the list.

Step 2: Edit the policy setting

Select the pencil icon next to the calculated policy you created earlier.

Step 3: Disable calculated mode

Select Disable calculated mode to return to standard policy mode.

Step 4: Enable enforcement

Choose Enforce: Uniform and select Update.

Step 5: Observe Guardrails in action

Use your bookmark to navigate back to Controls by State report, and use the Type filter to choose GCP > Storage > Bucket > Access Control. In a few minutes all of your buckets in this account are now either OK or Skipped.

Try setting access control on a bucket back to fine-grained. It won’t stay that way for long!

Step 6: Review

In this guide series you learned the basics of importing GCP accounts into Guardrails, enabling Policy Packs, creating exceptions and notifications, and even more mischief.

Next Steps

This Getting Started series just scratches the surface of what you can do with Guardrails. Try installing more policy packs into your workspace, and run through this series again to explore the breadth and variety of what Guardrails can do.

Progress tracker

Congratulations! You did it!

  • Prepare a GCP Project for Import to Guardrails
  • Connect a GCP Project to Guardrails
  • Observe GCP Activity
  • Enable Your First Guardrails Policy Pack
  • Review Project-Wide Governance
  • Create a Static Exception to a Guardrails Policy
  • Create a Calculated Exception to a Guardrails GCP Policy
  • Send an Alert to Email
  • Apply a Quick Action
  • Enable Automatic Enforcement