Artifact Registry (AR)

Workload location

File storage

Audit log source

Artifact Management audit logs

Audited operations

Log type

Data plane

Create an artifact

Fields in the log entry that contain audit information
Audit metadata Audit field name Value
User or service identity user

For example,

"user":{
  "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
  "issuer":"artifact.private.gdc.goog/hra"
}

Target

(Fields and values that call the API)

  • resource
  • _gdch_service_name
  • _gdch_cluster

"resource": "library/configsync:1.9.0-gdch.306",
"_gdch_service_name": "artifactmanagement",
"_gdch_cluster": "root-admin"

Action

(Fields containing the performed operation)

action

"action": "create"

Event timestamp time

For example,

"time": "2022-11-30T02:14:33Z"

Source of action Not available.

Not available.

Outcome Only successful operations are logged.

Only successful operations are logged.

Other fields _gdch_cluster

For example,

"_gdch_cluster": "root-admin"

Example log

{
  "auditID": "15000",
  "action": "create",
  "time": "2022-11-30T02:14:33Z",
  "user":{
    "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
    "issuer":"artifact.private.gdc.goog/hra"
  },
  "resource": "library/configsync:1.9.0-gdch.306",
  "_gdch_service_name": "artifactmanagement",
  "_gdch_namespace": "harbor-system",
  "_gdch_service_tenant": "infra-obs",
  "_gdch_cluster": "root-admin",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-wqbg8"
}

Delete an artifact

Fields in the log entry that contain audit information
Audit metadata Audit field name Value
User or service identity user

For example,

"user":{
  "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
  "issuer":"artifact.private.gdc.goog/hra"
}

Target

(Fields and values that call the API)

  • resource
  • _gdch_service_name
  • _gdch_cluster

"resource": "library/test:v1",
"_gdch_service_name": "artifactmanagement",
"_gdch_cluster": "root-admin"

Action

(Fields containing the performed operation)

action

"action": "delete"

Event timestamp time

For example,

"time": "2022-11-30T21:26:17.718Z"

Source of action Not available.

Not available.

Outcome Only successful operations are logged.

Only successful operations are logged.

Other fields _gdch_cluster

For example,

"_gdch_cluster": "root-admin"

Example log

{
  "auditID": "3993",
  "action": "delete",
  "time": "2022-11-30T21:26:17.718Z",
  "user":{
    "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
    "issuer":"artifact.private.gdc.goog/hra"
  },
  "resource": "library/test:v1",
  "_gdch_service_name": "artifactmanagement",
  "_gdch_namespace": "harbor-system",
  "_gdch_service_tenant": "infra-obs",
  "_gdch_cluster": "root-admin",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-wqbg8"
}

Pull an artifact

Fields in the log entry that contain audit information
Audit metadata Audit field name Value
User or service identity user

For example,

"user":{
  "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
  "issuer":"artifact.private.gdc.goog/hra"
}

Target

(Fields and values that call the API)

  • resource
  • _gdch_service_name
  • _gdch_cluster

"resource": "library/test:v1",
"_gdch_service_name": "artifactmanagement",
"_gdch_cluster": "root-admin"

Action

(Fields containing the performed operation)

action

"action": "pull"

Event timestamp time

For example,

"time": "2022-11-30T02:14:33Z"

Source of action Not available.

Not available.

Outcome Only successful operations are logged.

Only successful operations are logged.

Other fields _gdch_cluster

For example,

"_gdch_cluster": "root-admin"

Example log

{
  "auditID": "3996",
  "action": "pull",
  "time": "2022-11-30T02:14:33Z",
  "user":{
    "identity":"s:gpc-system:artifact-registry-services-registry-exporter",
    "issuer":"artifact.private.gdc.goog/hra"
  },
  "resource": "library/test:v1",
  "_gdch_service_name": "artifactmanagement",
  "_gdch_namespace": "harbor-system",
  "_gdch_service_tenant": "infra-obs",
  "_gdch_cluster": "root-admin",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-wqbg8"
}