Overview of Advisory Notifications

Stay organized with collections Save and categorize content based on your preferences.

Advisory Notifications provides well-targeted, timely, and compliant communications about critical security and privacy events in the Google Cloud console and allows you to securely investigate the event, take action, and get support. Advisory Notifications aims to provide added trust and security in the following ways:

  • By integrating with Essential Contacts, Advisory Notifications makes it easy to ensure the most important people are notified.
  • Designated recipients receive only an email notification about the occurrence of a security or privacy event, but not the potentially sensitive information itself. Note that you might receive emails with full event details but this behaviour is gradually phasing out.
  • Security and privacy event details are stored in Google Cloud and require authentication and authorization to view their full details.
  • Notifications can be prioritized as desired for critical and timely events
  • Accompanying notification data can be downloaded securely.

To use Advisory Notifications, you must have an organization. If you are using Google Cloud without an organization, you will receive notifications of security and privacy events through email instead of through Advisory Notifications.

Types of notifications

The notifications include only security and privacy events. Other types of notifications, such as Mandatory Service Announcements (MSAs), which include billing errors, deprecation notices, and mandatory migrations can be added in the future.

Contacts for notifications

Advisory Notifications integrates with Essential Contacts to identify which users should receive notifications. Essential Contacts lets you customize who receives notifications by providing a list of contacts. Make sure that your organization-level Essential Contacts are up to date. For more information, see Essential Contacts documentation.

If Essential Contacts hasn't been configured, Advisory Notifications will send notifications to the default contacts, which are determined by Identity and Access Management roles. Advisory Notifications will determine which, if any, users have been granted a highly-privileged role in the following descending order:

  1. Organization Administrator (roles/resourcemanager.organizationAdmin)
  2. Project Owner (roles/owner on a project)
  3. Billing Account Administrator (roles/billing.admin)

If one or more users have been granted the Organization Administrator role, only they will be contacted. If no users have been granted the Organization Administrator role, then Advisory Notifications will move on to the next role in the hierarchy and determine if one or more users have been granted the Project Owner primitive role on any project owned by the organization. If any are found, only they will be contacted. Lastly, if no users have been granted the Organization Administrator or Project Owner role, Advisory Notifications will contact any users who have been granted the Billing Account Administrator role on any billing account owned by the organization.

What's next