Product logo
DocsHubBlogPricing
On this page
Get Involved
Edit on GitHub

Enable your First Policy Pack

In this guide, you will learn how to attach a Guardrails Policy Pack to enable governance controls.

This is the fourth guide in the Getting started with GCP series.

Prerequisites

  • Completion of the previous guides in this series.
  • Access to the Guardrails console with administrative privileges.
  • Access to the GCP console with the ability to create and modify storage buckets.

Step 1: Check bucket access control in GCP

Check the properties of the bucket you created in the previous guide (Observe GCP activity). Verify that access control is still set to Fine-grained on the test bucket you created.

Step 2: Filter controls

You bookmarked the Controls by State report in Connect a Project, go there now. From the filter bar open the Type dropdown and search for gcp storage bucket access control. Select the checkbox next to GCP > Storage > Bucket > Access Control.

Step 3: Find your bucket

Search for your bucket by typing its name into the search field. It should be in the Skipped state, because Guardrails has not been configured to check bucket access control.

Step 4: Navigate to your account

Control-click on the Guardrails logo on the top of the page to open a new homepage browser tab.

Click on the Accounts sub-tab from the homepage and then select your GCP account.

On the account resource page, select the Detail sub-tab.

Step 5: Locate the Policy Pack manager

Select the Manage Link next to Policy Packs UI widget.

Step 6: Attach the Policy Pack to your project

In the Edit policy pack attachments dialog box, select Add.

Your Guardrails workspace should have the Policy Pack Enforce Uniform Access is Enabled for GCP Storage Buckets pre-installed.

In the dropdown, select the Policy Pack named Enforce Uniform Access is Enabled for GCP Storage Buckets. Then select Save.

Step 7: Observe policy effect

Return to your open browser tab (or bookmark) for the Controls by State report. Observe that the control state for your test bucket changes from Skip to Alarm. It is in the Alarm state because you turned off uniform access in Observe GCP Activity but the policy requires it.

Step 8: Review

In this guide you've attached a Policy Pack to your GCP account to check GCP bucket access control, and observed how the policy affects your bucket's control for Access Control.

Next Steps

In the next guide you will create some additional buckets to see how the Policy Pack responds to new resource creation.

Progress tracker

  • Prepare a GCP Project for Import to Guardrails
  • Connect a GCP Project to Guardrails
  • Observe GCP Activity
  • Enable Your First Guardrails Policy Pack
  • Review Project-Wide Governance
  • Create a Static Exception to a Guardrails Policy
  • Create a Calculated Exception to a Guardrails GCP Policy
  • Send an Alert to Email
  • Apply a Quick Action
  • Enable Automatic Enforcement