This project demonstrates a production-grade serverless pipeline that bridges AWS and Google Cloud Platform.
- AWS API Gateway: Ingests log events.
- AWS Lambda (Python): Processes data and handles cross-cloud authentication.
- AWS Secrets Manager: Securely stores GCP Service Account credentials.
- Google Cloud Storage (GCS): Final destination for audit logs.
- SDK-less Integration: Uses REST API for GCS uploads to solve library dependency issues.
- Secure Auth: Implements OAuth 2.0 token exchange.
- Identity Governance: Adheres to the Principle of Least Privilege (PoLP).
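
The SDK-less path described above can be sketched with the standard library alone. This is an added example, not code from this project: it assumes the token exchange is Google's service-account JWT-bearer grant, and the `sign` callable, `SAMPLE_SA`, and the bucket and object names are hypothetical.

```python
import base64
import json
import time
from urllib.parse import quote, urlencode
from urllib.request import Request

TOKEN_URL = "https://oauth2.googleapis.com/token"
# Narrowest OAuth scope that still permits object uploads (least privilege).
SCOPE = "https://www.googleapis.com/auth/devstorage.read_write"
# Constructed sample value, not a real credential. In Lambda this dict would be
# the service account JSON read from Secrets Manager.
SAMPLE_SA = {"client_email": "log-writer@example-project.iam.gserviceaccount.com"}

def _b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def build_assertion(sa, sign, now=None, lifetime=300):
    """Build the JWT assertion for the service account `sa`.

    `sign(bytes) -> bytes` is supplied by the caller (assumption): it must be
    RSASSA-PKCS1-v1_5 with SHA-256 over the signing input, using the private key
    from the stored credentials. The short lifetime limits replay of a leaked assertion.
    """
    now = int(time.time()) if now is None else now
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"iss": sa["client_email"], "scope": SCOPE, "aud": TOKEN_URL,
              "iat": now, "exp": now + lifetime}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, claims))
    return signing_input + "." + _b64url(sign(signing_input.encode()))

def token_request(assertion):
    """POST that exchanges the signed assertion for a short-lived access token."""
    body = urlencode({"grant_type": "urn:ietf:params:oauth:grant-type:jwt-bearer",
                      "assertion": assertion}).encode()
    return Request(TOKEN_URL, data=body, method="POST",
                   headers={"Content-Type": "application/x-www-form-urlencoded"})

def upload_request(bucket, name, event, access_token):
    """POST that writes one audit event as a GCS object via the JSON API."""
    url = ("https://storage.googleapis.com/upload/storage/v1/b/"
           + quote(bucket, safe="") + "/o?"
           + urlencode({"uploadType": "media", "name": name}))
    return Request(url, data=json.dumps(event).encode(), method="POST",
                   headers={"Authorization": "Bearer " + access_token,
                            "Content-Type": "application/json"})
```

Each returned `Request` would be passed to `urllib.request.urlopen`; the `access_token` field of the first response feeds the second call.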
To verify the bridge, send a mock audit event to the AWS API Gateway endpoint:
```bash
curl -X POST https://your-api-id.execute-api.us-east-1.amazonaws.com/prod/logs \
  -H "Content-Type: application/json" \
  -d '{
    "event_type": "security_audit",
    "user": "admin-123",
    "action": "key_rotation_verified"
  }'
```