Class: Google::Apis::ServicemanagementV1::AuditConfig

Inherits:

Object

• Object
• Google::Apis::ServicemanagementV1::AuditConfig

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

generated/google/apis/servicemanagement_v1/classes.rb,
generated/google/apis/servicemanagement_v1/representations.rb,
generated/google/apis/servicemanagement_v1/representations.rb

Overview

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConifg must have one or more AuditLogConfigs. If there are AuditConfigs for both allServices and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditConfig are exempted. Example Policy with multiple AuditConfigs: "audit_configs": [ "service": "allServices" "audit_log_configs": [ "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] , "log_type": "DATA_WRITE", , "log_type": "ADMIN_READ", ] , "service": "fooservice@googleapis.com" "audit_log_configs": [ "log_type": "DATA_READ", , "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] ] ] For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.

Instance Attribute Summary

• #audit_log_configs ⇒ Array<Google::Apis::ServicemanagementV1::AuditLogConfig>

  The configuration for logging of each type of permission.

• #exempted_members ⇒ Array<String>

  Corresponds to the JSON property exemptedMembers.

• #service ⇒ String

  Specifies a service that will be enabled for audit logging.

Instance Method Summary

• #initialize(**args) ⇒ AuditConfig constructor

  A new instance of AuditConfig.

• #update!(**args) ⇒ Object

  Update properties of this object.

Methods included from Core::JsonObjectSupport

#to_json

Methods included from Core::Hashable

process_value, #to_h

Constructor Details

#initialize(**args) ⇒ AuditConfig

Returns a new instance of AuditConfig

# File 'generated/google/apis/servicemanagement_v1/classes.rb', line 4296

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#audit_log_configs ⇒ Array<Google::Apis::ServicemanagementV1::AuditLogConfig>

The configuration for logging of each type of permission. Next ID: 4 Corresponds to the JSON property auditLogConfigs

Returns:

• (Array<Google::Apis::ServicemanagementV1::AuditLogConfig>)

# File 'generated/google/apis/servicemanagement_v1/classes.rb', line 4294

def audit_log_configs
  @audit_log_configs
end

#exempted_members ⇒ Array<String>

Corresponds to the JSON property exemptedMembers

Returns:

• (Array<String>)

# File 'generated/google/apis/servicemanagement_v1/classes.rb', line 4281

def exempted_members
  @exempted_members
end

#service ⇒ String

Specifies a service that will be enabled for audit logging. For example, storage.googleapis.com, cloudsql.googleapis.com. allServices is a special value that covers all services. Corresponds to the JSON property service

Returns:

• (String)

# File 'generated/google/apis/servicemanagement_v1/classes.rb', line 4288

def service
  @service
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'generated/google/apis/servicemanagement_v1/classes.rb', line 4301

def update!(**args)
  @exempted_members = args[:exempted_members] if args.key?(:exempted_members)
  @service = args[:service] if args.key?(:service)
  @audit_log_configs = args[:audit_log_configs] if args.key?(:audit_log_configs)
end