How to list/get the 'creator' of all GCP resource in a project?

Question

Is there a way to list/get the owner(creator) of all the resource under a project ? I have already looked at the answers here and tried the cloud assets api gcloud asset search-all-resources --scope=projects/123 but this doesn't list the creator of each resource. I have also referred to the searching resources samples queries here but again this doesn't suffice my needs.

Ideally I need the following, for example -
asset type -storage bucket
resource name - test_bucket
owner/creator/user - user123@org1.com or test@gservice_account.com
created - 02-02-2018

same for other asset types like compute instance, BigQuery datasets etc.

Has anyone ever tried this ?

Answer 1

What you are looking for is the Audit logs.

---

As mentioned in docs:

Google Cloud services write audit logs that record administrative activities and accesses within your Google Cloud resources. Audit logs help you answer "who did what, where, and when?" within your Google Cloud resources with the same level of transparency as in on-premises environments

Also,

• Here, you can find a list of all services that produces audit-logs.
• Take a look here on the Best practices and things to be taken into consideration while working with audit-logs.