"description":"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout"
기타 필드
해당 없음
해당 없음
예시 로그
{"description":"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout","id":"55f2ae33-d229-4057-aa1f-d62349281e9c","_gdch_service_tenant":"platform-obs","resource":"login_token","_gdch_tenant_id":"platform-obs","payload":{"id":"84518e03-396a-425d-93ac-5ff1e1c993f8","expirationTime":"2023-01-14T08:03:33.413710266+00:00","user":"fop-infrastructure-operator@example.com","groups":[""],"issuer":"fake-oidc-provider"},"_gdch_service_name":"ais","_gdch_namespace":"anthos-identity-service","operation":"revoke","metadata":{"userAgent":"","timestamp":"2023-01-13T20:04:30.529916149+00:00"},"_gdch_org_name":"UNKNOWN","_gdch_org_id":"UNKNOWN","_gdch_cluster":"org-1-admin","_gdch_fluentbit_pod":"anthos-audit-logs-forwarder-nhbwb"}
STS 토큰 만들기
감사 정보가 포함된 로그 항목의 필드
감사 메타데이터
감사 필드 이름
값
사용자 또는 서비스 ID
identity
예를 들면 다음과 같습니다.
"identity":"fop-shengjiang"
대상
(API를 호출하는 필드 및 값)
resource
"resource":"AIS STS token"
작업
(실행된 작업을 포함하는 필드)
action
"action":"Create"
이벤트 타임스탬프
time
예를 들면 다음과 같습니다.
"time":"2022-11-22T18:31:37.084205362+00:00"
작업 소스
userAgent
예를 들면 다음과 같습니다.
"userAgent":"Go-http-client/2.0"
결과
response
예를 들면 다음과 같습니다.
"response":"Success"
기타 필드
해당 없음
해당 없음
예시 로그
{"action":"Create","auditID":"vwWq8fQ-o9RTopgcZtAC_psm1aYyMKxkv47GOkdU","description":"An AIS STS token is minted for fop-shengjiang (from fake-oidc-provider) and will be valid for 11h59m49.438314611s","resource":"AIS STS token","response":"Success","time":"2022-11-22T18:31:37.084205362+00:00","user":{"groups":["group-claim-1","group-claim-2"],"identity":"fop-shengjiang","issuer":"fake-oidc-provider"},"userAgent":"Go-http-client/2.0"}
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eThis audit log content focuses on GKE Identity Service activities related to root and organization workloads.\u003c/p\u003e\n"],["\u003cp\u003eThe logs document two primary operations: revoking or creating login tokens and creating STS tokens.\u003c/p\u003e\n"],["\u003cp\u003eAudit log entries contain detailed information such as user identity, target resource, performed action, event timestamp, source of action, and the operation's outcome.\u003c/p\u003e\n"],["\u003cp\u003eThe login token operation log includes metadata about the user, while the STS token operation log details the identity, action, and the token's validity period.\u003c/p\u003e\n"],["\u003cp\u003eThe information on each audited operations shows the different field names associated with the metadata they track, with examples of what the values could be.\u003c/p\u003e\n"]]],[],null,["# GKE Identity Service (GIS)\n\nRevoke or create a login token\n------------------------------\n\n**Example log** \n\n {\n \"description\":\"Revoked Login Token '84518e03-396a-425d-93ac-5ff1e1c993f8' which was previously issued to user 'fop-infrastructure-operator@example.com' due to a web logout\",\n \"id\":\"55f2ae33-d229-4057-aa1f-d62349281e9c\",\n \"_gdch_service_tenant\":\"platform-obs\",\n \"resource\":\"login_token\",\n \"_gdch_tenant_id\":\"platform-obs\",\n \"payload\":{\n \"id\":\"84518e03-396a-425d-93ac-5ff1e1c993f8\",\n \"expirationTime\":\"2023-01-14T08:03:33.413710266+00:00\",\n \"user\":\"fop-infrastructure-operator@example.com\",\n \"groups\":[\"\"],\n \"issuer\":\"fake-oidc-provider\"\n },\n \"_gdch_service_name\":\"ais\",\n \"_gdch_namespace\":\"anthos-identity-service\",\n \"operation\":\"revoke\",\n \"metadata\":{\n \"userAgent\":\"\",\n \"timestamp\":\"2023-01-13T20:04:30.529916149+00:00\"\n },\n \"_gdch_org_name\":\"UNKNOWN\",\n \"_gdch_org_id\":\"UNKNOWN\",\n \"_gdch_cluster\":\"org-1-admin\",\n \"_gdch_fluentbit_pod\":\"anthos-audit-logs-forwarder-nhbwb\"\n }\n\nCreate an STS token\n-------------------\n\n**Example log** \n\n {\n \"action\":\"Create\",\n \"auditID\":\"vwWq8fQ-o9RTopgcZtAC_psm1aYyMKxkv47GOkdU\",\n \"description\":\"An AIS STS token is minted for fop-shengjiang (from fake-oidc-provider) and will be valid for 11h59m49.438314611s\",\n \"resource\":\"AIS STS token\",\n \"response\":\"Success\",\n \"time\":\"2022-11-22T18:31:37.084205362+00:00\",\n \"user\":{\n \"groups\":[\n \"group-claim-1\",\n \"group-claim-2\"\n ],\n \"identity\":\"fop-shengjiang\",\n \"issuer\":\"fake-oidc-provider\"\n },\n \"userAgent\":\"Go-http-client/2.0\"\n }"]]
