Logging for Dialogflow CX agents is disabled
Description
This policy is examining whether logging is enabled for Dialogflow CX agents. Dialogflow CX is a sophisticated conversational AI tool that can be used to build and manage virtual agents. If logging isn't enabled, it would be challenging to track interactions, troubleshoot issues, or monitor the performance and usage of these virtual agents. This could potentially lead to a loss of critical data, failure to adhere to certain compliance requirements, and a lack of visibility over the system. Hence, it's regarded as a poor practice not to have logging enabled for Dialogflow CX agents.
Code Example
go
resource "google_dialogflow_cx_agent" "agent" {
...
enable_stackdriver_logging = true
}Remediation
Terraform
- Resource: google_dialogflow_cx_agent
- Arguments: enable_stackdriver_logging
To fix the issue, introduce the `enable_stackdriver_logging` field in your `google_dialogflow_cx_agent` resource and set it to `true`:
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1015 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV2_GCP_30 |