Class: Google::Iam::V1::AuditLogConfig

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/iam/v1/policy.rb

Overview

Provides the configuration for logging a type of permissions. Example:

{
  "audit_log_configs": [
    {
      "log_type": "DATA_READ",
      "exempted_members": [
        "user:jose@example.com"
      ]
    },
    {
      "log_type": "DATA_WRITE"
    }
  ]
}

This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

Defined Under Namespace

Modules: LogType

Instance Attribute Summary collapse

Instance Attribute Details

#exempted_members::Array<::String>

Returns Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

Returns:

  • (::Array<::String>)

    Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.



317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
# File 'proto_docs/google/iam/v1/policy.rb', line 317

class AuditLogConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The list of valid permission types for which logging can be configured.
  # Admin writes are always logged, and are not configurable.
  module LogType
    # Default case. Should never be this.
    LOG_TYPE_UNSPECIFIED = 0

    # Admin reads. Example: CloudIAM getIamPolicy
    ADMIN_READ = 1

    # Data writes. Example: CloudSQL Users create
    DATA_WRITE = 2

    # Data reads. Example: CloudSQL Users list
    DATA_READ = 3
  end
end

#log_type::Google::Iam::V1::AuditLogConfig::LogType

Returns The log type that this config enables.

Returns:



317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
# File 'proto_docs/google/iam/v1/policy.rb', line 317

class AuditLogConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The list of valid permission types for which logging can be configured.
  # Admin writes are always logged, and are not configurable.
  module LogType
    # Default case. Should never be this.
    LOG_TYPE_UNSPECIFIED = 0

    # Admin reads. Example: CloudIAM getIamPolicy
    ADMIN_READ = 1

    # Data writes. Example: CloudSQL Users create
    DATA_WRITE = 2

    # Data reads. Example: CloudSQL Users list
    DATA_READ = 3
  end
end