[cbushko]

I really enjoyed this article. I will assume that logs are being sent to a dedicated GCP project.

Can you shorten the retention of logs and traces in Stackdriver? If so, that would be amazing and make this practical for all dev use.

[lawrjone]

We have some terraform that generates each developer their own GCP project, along with all the infrastructure and build pipelines they'd need to run their stack themselves.

It looks something like this:

    module "incident_io" {
      for_each = {
        "staging" = {
          project = "incident-io-staging"
        }
        "production" = {
          project = "incident-io-production"
        }
        "dev-lawrence" = {
          project    = "incident-io-dev-lawrence"
          autodeploy = true
        }
        "dev-lisa" = {
          project    = "incident-io-dev-lisa"
          autodeploy = true
        }
        # ...
      }

      source = "./modules/stack"

      application       = "incident-io"
      instance          = each.key
      google_project_id = each.value.project
      autodeploy        = lookup(each.value, "autodeploy", false)
    }

So their traces + logs get sent to their own StackDriver instances, rather than polluting either staging or production.

[cbushko]

That is an interesting way to do it. Per project would allow you to set give each developer all the permissions they need.

The worry I have with this is that as you grow you will eventually end up with a bunch of dead projects. You need to cleanup that list every so often as employees come and go.

We have a dev project so they could send their logs there.