Class: Google::Apis::PrivatecaV1beta1::AuditConfig
- Inherits:
-
Object
- Object
- Google::Apis::PrivatecaV1beta1::AuditConfig
- Includes:
- Core::Hashable, Core::JsonObjectSupport
- Defined in:
- generated/google/apis/privateca_v1beta1/classes.rb,
generated/google/apis/privateca_v1beta1/representations.rb,
generated/google/apis/privateca_v1beta1/representations.rb
Overview
Specifies the audit configuration for a service. The configuration determines
which permission types are logged, and what identities, if any, are exempted
from logging. An AuditConfig must have one or more AuditLogConfigs. If there
are AuditConfigs for both allServices
and a specific service, the union of
the two AuditConfigs is used for that service: the log_types specified in each
AuditConfig are enabled, and the exempted_members in each AuditLogConfig are
exempted. Example Policy with multiple AuditConfigs: "audit_configs": [
"
service": "allServices", "audit_log_configs": [ "log_type": "DATA_READ", "
exempted_members": [ "user:jose@example.com" ]
, "log_type": "DATA_WRITE"
,
"log_type": "ADMIN_READ"
] ,
"service": "sampleservice.googleapis.com",
"audit_log_configs": [ "log_type": "DATA_READ"
, "log_type": "DATA_WRITE"
, "exempted_members": [ "user:aliya@example.com" ]
] ]
For sampleservice,
this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also
exempts jose@example.com from DATA_READ logging, and aliya@example.com from
DATA_WRITE logging.
Instance Attribute Summary collapse
-
#audit_log_configs ⇒ Array<Google::Apis::PrivatecaV1beta1::AuditLogConfig>
The configuration for logging of each type of permission.
-
#service ⇒ String
Specifies a service that will be enabled for audit logging.
Instance Method Summary collapse
-
#initialize(**args) ⇒ AuditConfig
constructor
A new instance of AuditConfig.
-
#update!(**args) ⇒ Object
Update properties of this object.
Constructor Details
#initialize(**args) ⇒ AuditConfig
Returns a new instance of AuditConfig.
212 213 214 |
# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 212 def initialize(**args) update!(**args) end |
Instance Attribute Details
#audit_log_configs ⇒ Array<Google::Apis::PrivatecaV1beta1::AuditLogConfig>
The configuration for logging of each type of permission.
Corresponds to the JSON property auditLogConfigs
203 204 205 |
# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 203 def audit_log_configs @audit_log_configs end |
#service ⇒ String
Specifies a service that will be enabled for audit logging. For example,
storage.googleapis.com
, cloudsql.googleapis.com
. allServices
is a special
value that covers all services.
Corresponds to the JSON property service
210 211 212 |
# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 210 def service @service end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
217 218 219 220 |
# File 'generated/google/apis/privateca_v1beta1/classes.rb', line 217 def update!(**args) @audit_log_configs = args[:audit_log_configs] if args.key?(:audit_log_configs) @service = args[:service] if args.key?(:service) end |