Logging for Dialogflow CX webhooks is disabled
Description
This policy is checking to see if logging is enabled for Dialogflow CX webhooks. Dialogflow CX is a conversational AI platform that can be used to create virtual agents, IVR systems, and chatbots. Webhooks provide a way to deliver data to other applications, therefore logging for these webhooks is essential.
Not having logging enabled for Dialogflow CX webhooks could lead to several problems. For instance, without logging, it becomes extremely difficult to debug issues or understand the performance and usage patterns of your webhooks. Additionally, this may expose the system to security threats as potential malicious activities or breaches cannot be traced or understood. Therefore, enabling logging is an important best practice for monitoring and maintaining the security, performance and reliability of the system.
Code Example
resource "google_dialogflow_cx_webhook" "default" {
...
enable_stackdriver_logging = true
}Remediation
Terraform
- Resource: google_dialogflow_cx_webhook
- Arguments: enable_stackdriver_logging
To fix the issue, you should enable logging for Dialogflow CX webhooks in the Google Cloud Platform.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-1016 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV2_GCP_31 |