What's the Workflow and Notification options for policy violations (DMCA etc)

[Reto Kaiser]

Hello!

I'm currently migrating an application from some other hoster to GCE/GKE. We're a small team maintaining the application.

Can anyone share some insights about the workflows involving policy violations? For example, what happens if somebody sends a DMCA request to GCP for some content hosted on my instance? Or what happens if my instance gets listed on a Spamhaus list?

The documentation I could find (https://support.google.com/cloud/answer/7002354?hl=en) says an email will be sent to the account owner:

> When your project is flagged, we send an email to the project owner at the email address that was used to create the project.

Does that mean the email will be sent to *all* users with the "Owner" role in IAM?

Is somehow possible to specifiy a special email address for this purpose?

Do you know what will be the email sender and/or subject of such emails so I could set up an email filter?

Thanks for any information!

Reto

[Fady (Google Cloud Platform)]

According to this document, I would like to clarify that it’s advisable as a best practice to “use the security principle of least privilege to grant IAM roles, that is, only give the least amount of access necessary to your resources.”. If you require full privileges for some of your team members, you may grant them the “editor” role instead of “ Owner”, but you should even fine-tune this to match the least privilege principle. This should also avoid some members getting emails that are supposed to be addressed to the actual owner(s) of a project.

As for policy violations, in some cases your project or even your account could be suspended/disabled until you appeal through the email process you mentioned. For more details please check this document.  As for the U.S. Digital Millennium Copyright Act (DMCA) requests, you may check this document about DMCA policy and its process hosted on Google Cloud Storage, and section 3.6 about Copyright Policy in this Google Cloud Platform terms of service document.

Furthermore, to avoid any future suspensions or flags, it is advisable to read the Google Cloud Terms of Service especially the restrictions section (3.3) at this link, and Google Cloud Platform Acceptable Use policy here. And if you are planning to make use of the Free Trial offer, please check these supplemental terms and conditions.