"description":"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout"
Weitere Felder
Nicht zutreffend
Nicht zutreffend
Beispiellog
{"description":"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout","id":"55f2ae33-d229-4057-aa1f-d62349281e9c","_gdch_service_tenant":"platform-obs","resource":"login_token","_gdch_tenant_id":"platform-obs","payload":{"id":"84518e03-396a-425d-93ac-5ff1e1c993f8","expirationTime":"2023-01-14T08:03:33.413710266+00:00","user":"fop-infrastructure-operator@example.com","groups":[""],"issuer":"fake-oidc-provider"},"_gdch_service_name":"ais","_gdch_namespace":"anthos-identity-service","operation":"revoke","metadata":{"userAgent":"","timestamp":"2023-01-13T20:04:30.529916149+00:00"},"_gdch_org_name":"UNKNOWN","_gdch_org_id":"UNKNOWN","_gdch_cluster":"org-1-admin","_gdch_fluentbit_pod":"anthos-audit-logs-forwarder-nhbwb"}
STS-Token erstellen
Felder im Logeintrag, die Audit-Informationen enthalten
Audit-Metadaten
Name des Audit-Felds
Wert
Nutzer- oder Dienstidentität
identity
Beispiel:
"identity":"fop-shengjiang"
Ziel-
(Felder und Werte, mit denen die API aufgerufen wird)
resource
"resource":"AIS STS token"
Aktion
(Felder mit der ausgeführten Operation)
action
"action":"Create"
Ereigniszeitstempel
time
Beispiel:
"time":"2022-11-22T18:31:37.084205362+00:00"
Quelle der Aktion
userAgent
Beispiel:
"userAgent":"Go-http-client/2.0"
Ergebnis
response
Beispiel:
"response":"Success"
Weitere Felder
Nicht zutreffend
Nicht zutreffend
Beispiellog
{"action":"Create","auditID":"vwWq8fQ-o9RTopgcZtAC_psm1aYyMKxkv47GOkdU","description":"An AIS STS token is minted for fop-shengjiang (from fake-oidc-provider) and will be valid for 11h59m49.438314611s","resource":"AIS STS token","response":"Success","time":"2022-11-22T18:31:37.084205362+00:00","user":{"groups":["group-claim-1","group-claim-2"],"identity":"fop-shengjiang","issuer":"fake-oidc-provider"},"userAgent":"Go-http-client/2.0"}
[[["Leicht verständlich","easyToUnderstand","thumb-up"],["Mein Problem wurde gelöst","solvedMyProblem","thumb-up"],["Sonstiges","otherUp","thumb-up"]],[["Schwer verständlich","hardToUnderstand","thumb-down"],["Informationen oder Beispielcode falsch","incorrectInformationOrSampleCode","thumb-down"],["Benötigte Informationen/Beispiele nicht gefunden","missingTheInformationSamplesINeed","thumb-down"],["Problem mit der Übersetzung","translationIssue","thumb-down"],["Sonstiges","otherDown","thumb-down"]],["Zuletzt aktualisiert: 2025-09-04 (UTC)."],[[["\u003cp\u003eThis audit log content focuses on GKE Identity Service activities related to root and organization workloads.\u003c/p\u003e\n"],["\u003cp\u003eThe logs document two primary operations: revoking or creating login tokens and creating STS tokens.\u003c/p\u003e\n"],["\u003cp\u003eAudit log entries contain detailed information such as user identity, target resource, performed action, event timestamp, source of action, and the operation's outcome.\u003c/p\u003e\n"],["\u003cp\u003eThe login token operation log includes metadata about the user, while the STS token operation log details the identity, action, and the token's validity period.\u003c/p\u003e\n"],["\u003cp\u003eThe information on each audited operations shows the different field names associated with the metadata they track, with examples of what the values could be.\u003c/p\u003e\n"]]],[],null,["# GKE Identity Service (GIS)\n\nRevoke or create a login token\n------------------------------\n\n**Example log** \n\n {\n \"description\":\"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout\",\n \"id\":\"55f2ae33-d229-4057-aa1f-d62349281e9c\",\n \"_gdch_service_tenant\":\"platform-obs\",\n \"resource\":\"login_token\",\n \"_gdch_tenant_id\":\"platform-obs\",\n \"payload\":{\n \"id\":\"84518e03-396a-425d-93ac-5ff1e1c993f8\",\n \"expirationTime\":\"2023-01-14T08:03:33.413710266+00:00\",\n \"user\":\"fop-infrastructure-operator@example.com\",\n \"groups\":[\"\"],\n \"issuer\":\"fake-oidc-provider\"\n },\n \"_gdch_service_name\":\"ais\",\n \"_gdch_namespace\":\"anthos-identity-service\",\n \"operation\":\"revoke\",\n \"metadata\":{\n \"userAgent\":\"\",\n \"timestamp\":\"2023-01-13T20:04:30.529916149+00:00\"\n },\n \"_gdch_org_name\":\"UNKNOWN\",\n \"_gdch_org_id\":\"UNKNOWN\",\n \"_gdch_cluster\":\"org-1-admin\",\n \"_gdch_fluentbit_pod\":\"anthos-audit-logs-forwarder-nhbwb\"\n }\n\nCreate an STS token\n-------------------\n\n**Example log** \n\n {\n \"action\":\"Create\",\n \"auditID\":\"vwWq8fQ-o9RTopgcZtAC_psm1aYyMKxkv47GOkdU\",\n \"description\":\"An AIS STS token is minted for fop-shengjiang (from fake-oidc-provider) and will be valid for 11h59m49.438314611s\",\n \"resource\":\"AIS STS token\",\n \"response\":\"Success\",\n \"time\":\"2022-11-22T18:31:37.084205362+00:00\",\n \"user\":{\n \"groups\":[\n \"group-claim-1\",\n \"group-claim-2\"\n ],\n \"identity\":\"fop-shengjiang\",\n \"issuer\":\"fake-oidc-provider\"\n },\n \"userAgent\":\"Go-http-client/2.0\"\n }"]]
