This document describes audit logging for Dataflow, including which methods generate audit logs, details about the audit logs each method produces, and which methods do not produce audit logs, if any. Google Cloud generates audit logs that record administrative and access activities within your Google Cloud resources. For more information, see Cloud Audit Logs overview.
Service name
Dataflow audit logs use the service name dataflow.googleapis.com
.
Methods by permission type
Methods that check DATA_READ
, DATA_WRITE
, and
ADMIN_READ
permissions generate logs categorized as
Data Access audit logs.
Methods that check ADMIN_WRITE
permissions generate logs
categorized as
Admin Activity audit logs.
Permission type | Methods |
---|---|
ADMIN_WRITE |
dataflow.jobs.cancel dataflow.jobs.create dataflow.jobs.updateContents |
Audit logs for each API interface
For information about how and which permissions are evaluated, for each method, see the Identity and Access Management documentation for Dataflow.
dataflow.jobs
The following section contains details about audit logs associated with
methods belonging to dataflow.jobs
.
cancel
- Method:
dataflow.jobs.cancel
- Audit log type: Admin activity
- Permissions:
dataflow.jobs.cancel - ADMIN_WRITE
- Method is a long-running or streaming operation:
No.
- Filter for this method:
protoPayload.methodName="dataflow.jobs.cancel"
create
- Method:
dataflow.jobs.create
- Audit log type: Admin activity
- Permissions:
dataflow.jobs.create - ADMIN_WRITE
- Method is a long-running or streaming operation:
No.
- Filter for this method:
protoPayload.methodName="dataflow.jobs.create"
updateContents
- Method:
dataflow.jobs.updateContents
- Audit log type: Admin activity
- Permissions:
dataflow.jobs.updateContents - ADMIN_WRITE
- Method is a long-running or streaming operation:
No.
- Filter for this method:
protoPayload.methodName="dataflow.jobs.updateContents"