
GCP Logging Bucket

A Google Cloud Logging Bucket is the fundamental storage container used by Cloud Logging to hold log entries. Buckets can be regional or multi-regional, have configurable retention periods, support customer-managed encryption keys (CMEK) and expose fine-grained IAM controls for read/write access. They underpin features such as log routing, analytics and export to BigQuery or Cloud Storage.
For full details, see the official documentation: https://cloud.google.com/logging/docs/buckets

Supported Methods

  • GET: Get a gcp-logging-bucket by its "locations|buckets"
  • LIST
  • SEARCH: Search for gcp-logging-bucket by its "locations"

gcp-cloud-kms-crypto-key

If CMEK protection is enabled, the logging bucket references a Cloud KMS CryptoKey via its kmsKeyName field. That key is used to encrypt and decrypt the log data at rest, creating a dependency between the bucket and the specified crypto-key.
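
The dependency described above can be checked from bucket metadata. The following is an added example, not part of the original page or of the tool it documents: it reads constructed data shaped like `gcloud logging buckets list --format=json` output, resolves each bucket's CryptoKey reference, and flags buckets without CMEK, with short retention, or left unlocked. It assumes `kmsKeyName` is nested under `cmekSettings` as in the Cloud Logging API, a 90-day retention threshold, and that the "locations|buckets" GET key is the location and bucket ID joined by a pipe.

```python
import json
import re

# Constructed sample, shaped like `gcloud logging buckets list --format=json` output.
SAMPLE_BUCKETS = json.loads("""[
  {"name": "projects/example-proj/locations/global/buckets/_Default",
   "retentionDays": 30, "lifecycleState": "ACTIVE"},
  {"name": "projects/example-proj/locations/europe-west1/buckets/audit-logs",
   "retentionDays": 400, "locked": true, "lifecycleState": "ACTIVE",
   "cmekSettings": {"kmsKeyName":
     "projects/example-kms/locations/europe-west1/keyRings/logs/cryptoKeys/audit"}}
]""")

BUCKET_RE = re.compile(r"^projects/([^/]+)/locations/([^/]+)/buckets/([^/]+)$")
KEY_RE = re.compile(
    r"^projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)$")


def review_bucket(bucket, min_retention_days=90):
    """Return the lookup key, the linked CryptoKey and findings for one bucket."""
    m = BUCKET_RE.match(bucket.get("name", ""))
    if not m:
        raise ValueError(f"unexpected bucket name: {bucket.get('name')!r}")
    _project, location, bucket_id = m.groups()
    findings, kms_key = [], None
    # Assumption: kmsKeyName is nested under cmekSettings, as in the Logging API.
    key_name = (bucket.get("cmekSettings") or {}).get("kmsKeyName")
    if not key_name:
        findings.append("no CMEK key configured")
    elif (k := KEY_RE.match(key_name)) is None:
        findings.append(f"malformed kmsKeyName: {key_name}")
    else:
        kms_key = dict(zip(("project", "location", "key_ring", "key"), k.groups()))
    retention = int(bucket.get("retentionDays", 0))
    if retention < min_retention_days:
        findings.append(f"retention {retention}d is below {min_retention_days}d")
    if not bucket.get("locked", False):
        findings.append("bucket not locked: retention can still be changed")
    # Assumption: the GET key "locations|buckets" is location and bucket ID joined by "|".
    return {"lookup": f"{location}|{bucket_id}", "kms_key": kms_key,
            "findings": findings}


if __name__ == "__main__":
    for b in SAMPLE_BUCKETS:
        print(json.dumps(review_bucket(b), indent=2))
```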

gcp-iam-service-account

Access to write, read or manage the bucket is granted through IAM bindings that often target service accounts (e.g., log sinks use a dedicated writer service account). The bucket therefore maintains relationships with any service account that has been granted a role on it.