Class: Google::Iam::V1::AuditLogConfig

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/iam/v1/policy.rb

Overview

Provides the configuration for logging a type of permissions. Example:

{
  "audit_log_configs": [
    {
      "log_type": "DATA_READ",
      "exempted_members": [
        "user:[email protected]"
      ]
    },
    {
      "log_type": "DATA_WRITE"
    }
  ]
}

This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging.

Defined Under Namespace

Modules: LogType

Instance Attribute Summary collapse

Instance Attribute Details

#exempted_members::Array<::String>

Returns Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][google.iam.v1.Binding.members].

Returns:

  • (::Array<::String>)

    Specifies the identities that do not cause logging for this type of permission. Follows the same format of [Binding.members][google.iam.v1.Binding.members].



317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
 
# File 'proto_docs/google/iam/v1/policy.rb', line 317

class AuditLogConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The list of valid permission types for which logging can be configured.
  # Admin writes are always logged, and are not configurable.
  module LogType
    # Default case. Should never be this.
    LOG_TYPE_UNSPECIFIED = 0

    # Admin reads. Example: CloudIAM getIamPolicy
    ADMIN_READ = 1

    # Data writes. Example: CloudSQL Users create
    DATA_WRITE = 2

    # Data reads. Example: CloudSQL Users list
    DATA_READ = 3
  end
end

#log_type::Google::Iam::V1::AuditLogConfig::LogType

Returns The log type that this config enables.

Returns:



317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
 
# File 'proto_docs/google/iam/v1/policy.rb', line 317

class AuditLogConfig
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The list of valid permission types for which logging can be configured.
  # Admin writes are always logged, and are not configurable.
  module LogType
    # Default case. Should never be this.
    LOG_TYPE_UNSPECIFIED = 0

    # Admin reads. Example: CloudIAM getIamPolicy
    ADMIN_READ = 1

    # Data writes. Example: CloudSQL Users create
    DATA_WRITE = 2

    # Data reads. Example: CloudSQL Users list
    DATA_READ = 3
  end
end