This page describes how to view a completed audit in Audit Manager. When an audit has been completed, Audit Manager creates and stores the following types of artifacts in the destination storage buckets for you to view:
- Audit summary report
- Control overview report
- Evidence
You can also view this information in the Google Cloud console by following the steps in the View completed audits section.
Before you begin
- Ensure that your administrator has granted you one of the required Identity and Access Management (IAM) roles to view audits.
- Ensure that you've enrolled a resource for auditing.
- Ensure that you've run an audit, and have identified which audit you want to view.
Required IAM roles
To view an audit, at minimum you must be granted the Audit Manager Auditor (roles/auditmanager.auditor) role. This role grants you the ability to create or view audit reports.
View completed audits
To view completed audits in the Google Cloud console, complete the following steps:
1. In the Google Cloud console, go to the Audit Manager page.
2. In the Compliance Audits section, click View Audits.
3. On the View assessments page, you can view the current status of an in-progress audit or get more information about a completed audit. Click the link in the Status column to view more information about the audit.
Audit summary report
An audit summary report is a comprehensive report that provides a high-level overview of all compliance controls and a responsibilities matrix to help you understand the system.
In the destination bucket(s), the audit summary report uses the following naming convention:
audit-reports/audit_CONTROL_PACKAGE_NAME_TIMESTAMP/UNIQUE_ID/overall_report.ods
The placeholder values are described as follows:
- CONTROL_PACKAGE_NAME: The name of the control package, such as FEDRAMP_MODERATE.
- TIMESTAMP: A timestamp when the report was generated.
- UNIQUE_ID: A unique ID for the report.
For each applicable control type, the following fields are populated in the audit summary report:
Control type | Description |
---|---|
Control Info | A description and requirement for the control. |
Google Responsibility | Google Cloud responsibility and implementation details. |
Customer Responsibility | Customer responsibility and implementation details. |
Assessment Status | Status of compliance for the control. Status can be one of the following types: |
Control Report Link | A link to the control overview report. |
Control overview report
A control overview report contains a detailed description of the compliance evaluation for a single control. It provides assessment details for each compliance check with observations and expected values.
In the destination bucket(s), the control overview report uses the following naming convention:
audit-reports/audit_CONTROL_PACKAGE_NAME_TIMESTAMP/UNIQUE_ID/CONTROL_ID.ods
The placeholder values are described as follows:
- CONTROL_PACKAGE_NAME: The name of the control package, such as FEDRAMP_MODERATE.
- TIMESTAMP: A timestamp when the report was generated.
- UNIQUE_ID: A unique ID for the report.
- CONTROL_ID: The ID for the control.
A control overview report looks similar to the following example:
| Control ID: COMPLIANT | | | | | | | | | | | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Service name | # of resources | Status | Resource Evaluation Details | | | | | | | | |
| | | | Resource ID | Measured Field | Current Value | Expected Value | Status | Evidence Resource URI | Evidence Timestamp | Evidence for Project/Folder | Evidence Link |
| Total services in scope for this control | Total resources in audit scope | Compliance status | Resource identifier | Configuration to be measured for audit | Observed values | Compliant values | Individual compliance status | | Timestamp when evidence was collected | | |
| product1.googleapis.com | 2 | COMPLIANT | Resource 1 | abc | 10 | >=10 | COMPLIANT | Resource 1 | 12/05/2023 12:55:16 | Project 1 | Link 1 |
| | | | | def | 15 | =15 | COMPLIANT | Resource 4 | 12/05/2023 13:55:16 | Project 1 | Link 4 |
| | | | Resource 2 | xyz | 20 | =20 | COMPLIANT | Resource 2 | 12/05/2023 14:55:16 | Project 1 | Link 2 |
| product2.googleapis.com | 1 | COMPLIANT | Resource 3 | def | 5 | >=5 | COMPLIANT | Resource 3 | 12/05/2023 15:55:16 | Project 1 | Link 3 |
Evidence
Evidence includes all the resources evaluated for each control, including a raw dump of asset data along with the command that was run to produce the output.
In the destination bucket(s), evidence uses the following naming convention:
audit-reports/audit_CONTROL_PACKAGE_NAME_TIMESTAMP/UNIQUE_ID/evidences/evidenceEVIDENCE_ID.json
The placeholder values are described as follows:
- CONTROL_PACKAGE_NAME: The name of the control package, such as FEDRAMP_MODERATE.
- TIMESTAMP: A timestamp when the report was generated.
- UNIQUE_ID: A unique ID for the report.
- EVIDENCE_ID: A unique ID for the evidence.
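The three naming conventions above are enough to inventory a destination bucket listing per audit run and to flag objects that match none of them. The following Python example is added here and is not part of Audit Manager or its documentation; it takes object names as plain strings, and the sample names, IDs and timestamp format are constructed.

```python
import re
from collections import defaultdict

# The run folder (audit_CONTROL_PACKAGE_NAME_TIMESTAMP) is kept as one token:
# package names contain underscores and the page does not state the timestamp
# format, so splitting it would be a guess.
RUN = r"audit-reports/(?P<run>audit_[^/]+)/(?P<uid>[^/]+)/"
PATTERNS = [  # order matters: overall_report.ods would also match "control"
    ("summary", re.compile(RUN + r"overall_report\.ods")),
    ("evidence", re.compile(RUN + r"evidences/evidence(?P<id>[^/]+)\.json")),
    ("control", re.compile(RUN + r"(?P<id>[^/]+)\.ods")),
]

def classify(name):
    """Return (kind, run, unique_id, item_id), or None if off-convention."""
    for kind, rx in PATTERNS:
        m = rx.fullmatch(name)
        if m:
            return kind, m["run"], m["uid"], m.groupdict().get("id")
    return None

def inventory(names):
    """Group artifacts per audit run; return (audits, unexpected_names)."""
    audits = defaultdict(lambda: {"summary": False, "control": set(), "evidence": set()})
    unexpected = []
    for name in names:
        hit = classify(name)
        if hit is None:
            unexpected.append(name)
            continue
        kind, run, uid, item = hit
        if kind == "summary":
            audits[(run, uid)]["summary"] = True
        else:
            audits[(run, uid)][kind].add(item)
    return dict(audits), unexpected

# Constructed sample listing; timestamps and all IDs are made up.
BASE = "audit-reports/audit_FEDRAMP_MODERATE_"
SAMPLE = [
    BASE + "20231205T125516/id-0001/overall_report.ods",
    BASE + "20231205T125516/id-0001/AC-2.ods",
    BASE + "20231205T125516/id-0001/evidences/evidence1001.json",
    BASE + "20231205T125516/id-0001/evidences/notes.txt",  # off-convention
    BASE + "20231206T090000/id-0002/AC-2.ods",             # run with no summary
]

if __name__ == "__main__":
    print(inventory(SAMPLE))
```

A run whose entry has `summary` set to `False`, or any name in the unexpected list, is worth checking before the reports are handed to an assessor.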