Supported services

This document lists all the services that write Access Transparency logs.

GA indicates that a log type is generally available for a service. Preview indicates that a log type is available, but might be changed in backward-incompatible ways and is not subject to any SLA or deprecation policy.

If you want to enable Access Transparency logs, see Enabling Access Transparency.

Supported Google Cloud services

Access Transparency supports the following Google Cloud services:

Google Cloud services with Access Transparency support Availability
Artifact Registry GA
Anthos clusters on VMware GA
App Engine1 GA
BigQuery2 GA
Binary Authorization GA
Cloud Bigtable GA
Cloud Composer GA
Cloud Data Fusion GA
Cloud Data Loss Prevention GA
Cloud External Key Manager GA
Cloud Healthcare API3 GA
Cloud HSM GA
Cloud Key Management Service (KMS) GA
Cloud Run GA
Cloud Logging GA
Cloud Spanner GA
Cloud SQL GA
Cloud Storage GA
Cloud Vision GA
Cloud VPN GA
Compute Engine GA
Contact Center AI Insights GA
Container Registry Preview
Dataflow GA
Dataproc GA
Dialogflow CX GA
Document AI4 GA
Google Kubernetes Engine GA
Identity and Access Management GA
Organization Policy Service GA
Persistent Disk GA
Pub/Sub5 GA
Secret Manager GA
Speaker ID GA
Speech-to-Text GA
Text-to-Speech GA
Vertex AI6 GA
Vertex AI Feature Store GA
Vertex AI Workbench user-managed notebooks GA

1 Cloud Storage and Cloud SQL are the only compatible storage backends for App Engine currently supported by Access Transparency.

2 Some information about your queries, tables, and datasets might not generate an Access Transparency log entry if viewed by Google Cloud Support. Viewing query text, table names, dataset names, and dataset access control lists might not generate Access Transparency log entries; this access pathway gives read-only access. Viewing query results and table or dataset data generates Access Transparency log entries.

Some Access Transparency logs for BigQuery might not contain the accessApprovals field.

Data in queries residing in non-Google regions for BigQuery Omni does not generate an Access Transparency log entry.

3 Features within Cloud Healthcare API that are not yet generally available might not generate Access Transparency logs. For more information, see the Cloud Healthcare API documentation.

4 Requests that use either the v1beta2 API version or features exposed through the alpha-documentai.googleapis.com endpoint will not generate Access Transparency logs.

5 Some information about your topics and subscriptions might not generate an Access Transparency log entry if viewed by Google Cloud Support. Viewing topic names, subscription names, message attributes, and timestamps might not generate Access Transparency log entries; this access pathway gives read-only access. Viewing message payloads generates Access Transparency log entries.

6 There are some scenarios for which access to your data in Vertex AI by Google personnel isn't logged. See Limitations of Access Transparency in Vertex AI for the complete list of such scenarios.

Support for Google Workspace

Several Google Workspace services such as Gmail, Google Docs, Google Calendar, and Google Drive record the actions that Google personnel take when accessing customer content.

Access Transparency logs help ensure that Google personnel access customer content with a valid business justification. Access Transparency logs can also help security information and event management (SIEM) tools identify data exfiltration and exposure to external malicious actors targeting your Google Workspace resources. You can use the Google Cloud console to access the Access Transparency logs that Google Workspace services generate.

For more information about Access Transparency logs for Google Workspace, including the list of Google Workspace services that support Access Transparency, see Access Transparency: View logs on Google access to user content.

For information about viewing and understanding the Access Transparency logs that Google Workspace services generate, see Viewing Access Transparency logs for Google Workspace.

For information about the audit logs that Google Workspace services generate, see Cloud Audit Logs for Google Workspace.