"annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by ClusterRoleBinding \"gatekeeper-manager-rolebinding\" of ClusterRole \"gatekeeper-manager-role\" to ServiceAccount \"gatekeeper-admin/gatekeeper-system\""}
Log di esempio
{"userAgent":"gatekeeper/v3.7.0 (linux/amd64) 3ba8e93/2021-11-15T20:59:44Z","sourceIPs":["10.200.0.4"],"objectRef":{"apiGroup":"resourcemanager.gdc.goog","resource":"organizations","apiVersion":"v1alpha1"},"stageTimestamp":"2022-12-06T23:05:22.590986Z","kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"38da3a00-47b8-424f-8d63-d89258e2043e","requestReceivedTimestamp":"2022-12-06T23:05:22.586546Z","verb":"list","_gdch_cluster":"root-admin","_gdch_fluentbit_pod":"anthos-audit-logs-forwarder-2j85z","stage":"ResponseComplete","responseStatus":{"code":200,"metadata":{}},"user":{"uid":"253b9e2f-fde2-4e37-ae7b-36a55d57aafb","username":"system:serviceaccount:gatekeeper-system:gatekeeper-admin","extra":{"authentication.kubernet es.io/pod-name":["gatekeeper-audit-7fd7bc5d97-x9x8b"],"authentication.kubernetes.io/pod-uid":["e62eaabc-2530-4c36-b793-a98b42c061eb"]},"groups":["system:serviceaccounts","system:serviceaccounts:gatekeeper-system","system: authenticated"]},"requestURI":"/apis/resourcemanager.gdc.goog/v1alpha1/organizations?limit=500","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by ClusterRoleBinding \"gatekeeper-manager-rolebinding\" of ClusterRole \"gatekeeper-manager-role\" to ServiceAccount \"gatekeeper-admin/gatekeeper-system\""},"_gdch_service_name":"apiserver"}
[[["Facile da capire","easyToUnderstand","thumb-up"],["Il problema è stato risolto","solvedMyProblem","thumb-up"],["Altra","otherUp","thumb-up"]],[["Difficile da capire","hardToUnderstand","thumb-down"],["Informazioni o codice di esempio errati","incorrectInformationOrSampleCode","thumb-down"],["Mancano le informazioni o gli esempi di cui ho bisogno","missingTheInformationSamplesINeed","thumb-down"],["Problema di traduzione","translationIssue","thumb-down"],["Altra","otherDown","thumb-down"]],["Ultimo aggiornamento 2025-09-04 UTC."],[[["\u003cp\u003eThis content details audit logs for root-only workloads, specifically focusing on operations performed on the KRM API Management Plane.\u003c/p\u003e\n"],["\u003cp\u003eAudit logs are sourced from Kubernetes audit logs, providing information on actions taken within the platform.\u003c/p\u003e\n"],["\u003cp\u003eKey fields in the audit log entries include user identity, the target of the action, the performed action (verb), the event timestamp, the source of the action, the outcome, and other relevant annotations.\u003c/p\u003e\n"],["\u003cp\u003eAn example log is included, showcasing a typical audit entry with detailed information on a "list" operation performed by a service account, along with details such as the request URI, source IP, and authorization decision.\u003c/p\u003e\n"]]],[],null,["# Organizations (ORG)\n\nPerform operations on the KRM API Management Plane\n--------------------------------------------------\n\n**Example log** \n\n {\n \"userAgent\":\"gatekeeper/v3.7.0 (linux/amd64) 3ba8e93/2021-11-15T20:59:44Z\",\n \"sourceIPs\":[\n \"10.200.0.4\"\n ],\n \"objectRef\":{\n \"apiGroup\":\"resourcemanager.gdc.goog\",\n \"resource\":\"organizations\",\n \"apiVersion\":\"v1alpha1\"\n },\n \"stageTimestamp\":\"2022-12-06T23:05:22.590986Z\",\n \"kind\":\"Event\",\n \"apiVersion\":\"audit.k8s.io/v1\",\n \"level\":\"Metadata\",\n \"auditID\":\"38da3a00-47b8-424f-8d63-d89258e2043e\",\n \"requestReceivedTimestamp\":\"2022-12-06T23:05:22.586546Z\",\n \"verb\":\"list\",\n \"_gdch_cluster\":\"root-admin\",\n \"_gdch_fluentbit_pod\":\"anthos-audit-logs-forwarder-2j85z\",\n \"stage\":\"ResponseComplete\",\n \"responseStatus\":{\n \"code\":200,\n \"metadata\":{}\n },\n \"user\":{\n \"uid\":\"253b9e2f-fde2-4e37-ae7b-36a55d57aafb\",\n \"username\":\"system:serviceaccount:gatekeeper-system:gatekeeper-admin\",\n \"extra\":{\n \"authentication.kubernet es.io/pod-name\":[\n \"gatekeeper-audit-7fd7bc5d97-x9x8b\"\n ],\n \"authentication.kubernetes.io/pod-uid\":[\n \"e62eaabc-2530-4c36-b793-a98b42c061eb\"\n ]\n },\n \"groups\":[\n \"system:serviceaccounts\",\n \"system:serviceaccounts:gatekeeper-system\",\n \"system: authenticated\"\n ]\n },\n \"requestURI\":\"/apis/resourcemanager.gdc.goog/v1alpha1/organizations?limit=500\",\n \"annotations\":{\n \"authorization.k8s.io/decision\":\"allow\",\n \"authorization.k8s.io/reason\":\"RBAC: allowed by ClusterRoleBinding \\\"gatekeeper-manager-rolebinding\\\" of ClusterRole \\\"gatekeeper-manager-role\\\" to ServiceAccount \\\"gatekeeper-admin/gatekeeper-system\\\"\"\n },\n \"_gdch_service_name\":\"apiserver\"\n }"]]
