Halaman ini diterjemahkan oleh Cloud Translation API.

Cluster Kubernetes (KUB)

Lokasi workload	Workload hanya root
Sumber log audit	Log audit Kubernetes
Operasi yang diaudit	Perubahan data NodePoolClaim Perubahan data AddressPoolClaim Perubahan data SubnetClaim Perubahan data CIDRClaim Perubahan data cluster Perubahan data NodePool

Perubahan data NodePoolClaim (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount:kube-system: anthos-cluster-operator-1.13.2" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/baremetal.cluster.gke.io/v1/ namespaces/org-1/nodepoolclaims/admin-control-plane-node-pool/ status"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"update"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-18T23:15:22.882546Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["10.253.128.74"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "kind": "Event", "objectRef": { "resource": "nodepoolclaims", "namespace": "org-1", "subresource": "status", "name": "admin-control-plane-node-pool", "apiVersion": "v1", "apiGroup": "baremetal.cluster.gke.io", "resourceVersion": "878163", "uid": "b2e1bec0-0f7c-4a57-869b-3fcb969ba7e2" }

Contoh log

{
  "responseStatus": {
    "metadata": {},
    "code": 200
  },
  "_gdch_cluster": "root-admin",
  "sourceIPs": [
    "10.253.128.74"
  ],
  "annotations": {
    "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \
    "operator-rolebinding-1.13.2\
    "of ClusterRole \"anthos-baremetal-operator-1.13.2\" 
    to ServiceAccount \"anthos-cluster-operator-1.13.2/kube-system\"",
    "authorization.k8s.io/decision": "allow"
  },
  "requestReceivedTimestamp": "2022-11-23T23:19:42.690064Z",
  "stageTimestamp": "2022-11-23T23:19:42.695372Z",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-4hlmv",
  "apiVersion": "audit.k8s.io/v1",
  "level": "Metadata",
  "user": {
    "extra": {
      "authentication.kubernetes.io/pod-name": [
        "anthos-cluster-operator-1.13.2-bc6b7467d-22z88"
      ],
      "authentication.kubernetes.io/pod-uid": [
        "004e1b37-6d4d-4959-b77d-0e69dce5ef4a"
      ]
    },
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:kube-system",
      "system:authenticated"
    ],
    "username": "system:serviceaccount:kube-system:anthos-cluster-operator-1.13.2",
    "uid": "4ebfd4f7-f371-4c40-9f88-ea0709a7039e"
  },
  "stage": "ResponseComplete",
  "requestURI": "/apis/baremetal.cluster.gke.io/v1/namespaces/org-1/
                 nodepoolclaims/admin-control-plane-node-pool/status",
  "kind": "Event",
  "objectRef": {
    "resource": "nodepoolclaims",
    "namespace": "org-1",
    "subresource": "status",
    "name": "admin-control-plane-node-pool",
    "apiVersion": "v1",
    "apiGroup": "baremetal.cluster.gke.io",
    "resourceVersion": "878163",
    "uid": "b2e1bec0-0f7c-4a57-869b-3fcb969ba7e2"
  },
  "verb": "update",
  "userAgent": "operator/v0.0.0 (linux/amd64) kubernetes/$Format",
  "auditID": "0539ea3a-b858-4a43-b516-812fc7e80dbd",
  "_gdch_service_name": "apiserver"
}

Perubahan data AddressPoolClaim (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount: gpc-system:root-admin-controller-sa" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/system.private.gdc.goog/VERSION/ namespaces/org-1/addresspoolclaims/admin-control-plane-node-pool? fieldManager=Organization&force=true"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"patch"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-23T23:24:13.087516Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["10.128.3.197"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "objectRef": { "namespace": "org-1", "name": "admin-control-plane-node-pool", "apiGroup": "system.private.gdc.goog", "apiVersion": "VERSION", "resource": "addresspoolclaims" }

Contoh log

{
  "_gdch_cluster": "root-admin",
  "requestReceivedTimestamp": "2022-11-23T23:24:13.087516Z",
  "userAgent": "root-admin-cm/v0.0.0 (linux/amd64) kubernetes/$Format",
  "kind": "Event",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-4hlmv",
  "apiVersion": "audit.k8s.io/v1",
  "level": "Metadata",
  "auditID": "3e46bf8d-fc26-4b43-85fe-34f1f55a0398",
  "requestURI": "/apis/system.private.gdc.goog/VERSION/namespaces/org-1/
    addresspoolclaims/admin-control-plane-node-pool?
    fieldManager=Organization&force=true",
  "stage": "ResponseComplete",
  "user": {
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:gpc-system",
      "system:authenticated"
    ],
    "extra": {
      "authentication.kubernetes.io/pod-name": [
        "root-admin-controller-55b54bc95c-wjnwm"
      ],
      "authentication.kubernetes.io/pod-uid": [
        "915f7dcd-e8cb-4a1a-9c53-4b8e2751cf03"
      ]
    },
    "username": "system:serviceaccount:gpc-system:root-admin-controller-sa",
    "uid": "1ddfb03e-0dd5-42df-b8cb-c53a504d9026"
  },
  "verb": "patch",
  "responseStatus": {
    "metadata": {},
    "code": 200
  },
  "objectRef": {
    "namespace": "org-1",
    "name": "admin-control-plane-node-pool",
    "apiGroup": "system.private.gdc.goog",
    "apiVersion": "VERSION",
    "resource": "addresspoolclaims"
  },
  "sourceIPs": [
    "10.128.3.197"
  ],
  "annotations": {
    "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \
    "root-admin-rootadmin-controllers-rolebinding\" of ClusterRole \
    "root-admin-rootadmin-controllers-role\" to ServiceAccount \"root-admin-controller-sa/
    gpc-system\"",
    "authorization.k8s.io/decision": "allow"
  },
  "stageTimestamp": "2022-11-23T23:24:13.100163Z",
  "_gdch_service_name": "apiserver"
}

Perubahan data SubnetClaim (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount: gatekeeper-system:gatekeeper-admin" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/system.private.gdc.goog/ VERSION/subnetclaims?limit=500"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"list"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-23T23:25:32.726387Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["10.253.129.191"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "objectRef": { "resource": "subnetclaims", apiVersion": "VERSION", "apiGroup": "system.private.gdc.goog" }

Contoh log

{
  "_gdch_cluster": "root-admin",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-gc5d7",
  "stageTimestamp": "2022-11-23T23:25:32.733616Z",
  "responseStatus": {
    "code": 200,
    "metadata": {}
  },
  "objectRef": {
    "resource": "subnetclaims",
    "apiVersion": "VERSION",
    "apiGroup": "system.private.gdc.goog"
  },
  "auditID": "b611ebea-4c30-4962-9283-c5dcc95c6e13",
  "verb": "list",
  "kind": "Event",
  "annotations": {
    "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"gatekeeper-manager-rolebinding\
                                   " of ClusterRole \"gatekeeper-manager-role\" to ServiceAccount \
                                   "gatekeeper-admin/gatekeeper-system\"",
    "authorization.k8s.io/decision": "allow"
  },
  "user": {
    "extra": {
      "authentication.kubernetes.io/pod-name": [
        "gatekeeper-audit-b765495d8-4znjd"
      ],
      "authentication.kubernetes.io/pod-uid": [
        "9e515f53-15bf-4570-9c57-2f53e0b69a5d"
      ]
    },
    "uid": "d5dc180d-1bca-4d84-885d-a871e0b6d5a2",
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:gatekeeper-system",
      "system:authenticated"
    ],
    "username": "system:serviceaccount:gatekeeper-system:gatekeeper-admin"
  },
  "stage": "ResponseComplete",
  "userAgent": "gatekeeper/v3.7.0 (linux/amd64) 3ba8e93/2021-11-15T20:59:44Z",
  "requestURI": "/apis/system.private.gdc.goog/VERSION/subnetclaims?limit=500",
  "requestReceivedTimestamp": "2022-11-23T23:25:32.726387Z",
  "sourceIPs": [
    "10.253.129.191"
  ],
  "level": "Metadata",
  "apiVersion": "audit.k8s.io/v1",
  "_gdch_service_name": "apiserver"
}

Perubahan data CIDRClaim (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount: gatekeeper-system:gatekeeper-admin" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/baremetal.cluster.gke.io/ VERSION/addonconfigurations?limit=500"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"list"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-23T23:29:31.952355Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["10.253.129.191"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "objectRef": { "apiGroup": "dr.private.gdc.goog", "resource": "cidrclaimallocations", "apiVersion": "VERSION" }

Contoh log

{
  "_gdch_cluster": "root-admin",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-gc5d7",
  "objectRef": {
    "apiGroup": "dr.private.gdc.goog",
    "resource": "cidrclaimallocations",
    "apiVersion": "VERSION"
  },
  "responseStatus": {
    "metadata": {},
    "code": 200
  },
  "annotations": {
    "authorization.k8s.io/decision": "allow",
    "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"gatekeeper-manager-rolebinding\" of ClusterRole \"gatekeeper-manager-role\" to ServiceAccount \"gatekeeper-admin/gatekeeper-system\""
  },
  "stageTimestamp": "2022-11-23T23:26:28.165121Z",
  "kind": "Event",
  "level": "Metadata",
  "auditID": "a21c62ab-6f86-4898-a719-0970e89a031c",
  "user": {
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:gatekeeper-system",
      "system:authenticated"
    ],
    "extra": {
      "authentication.kubernetes.io/pod-name": [
        "gatekeeper-audit-b765495d8-4znjd"
      ],
      "authentication.kubernetes.io/pod-uid": [
        "9e515f53-15bf-4570-9c57-2f53e0b69a5d"
      ]
    },
    "username": "system:serviceaccount:gatekeeper-system:gatekeeper-admin",
    "uid": "d5dc180d-1bca-4d84-885d-a871e0b6d5a2"
  },
  "stage": "ResponseComplete",
  "apiVersion": "audit.k8s.io/v1",
  "requestURI": "/apis/dr.private.gdc.goog/VERSION/cidrclaimallocations?limit=500",
  "requestReceivedTimestamp": "2022-11-23T23:26:28.159646Z",
  "verb": "list",
  "sourceIPs": [
    "10.253.129.191"
  ],
  "userAgent": "gatekeeper/v3.7.0 (linux/amd64) 3ba8e93/2021-11-15T20:59:44Z",
  "_gdch_service_name": "apiserver"
}

Perubahan data cluster (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount: gatekeeper-system:gatekeeper-admin" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/baremetal.cluster.gke.io/ VERSION/addonconfigurations?limit=500"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"list"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-23T23:29:31.952355Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["10.253.129.191"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "objectRef": { "apiGroup": "baremetal.cluster.gke.io", "resource": "addonconfigurations", "apiVersion": "VERSION" }

Contoh log

{
  "sourceIPs": [
    "10.253.129.191"
  ],
  "stageTimestamp": "2022-11-23T23:29:31.952355Z",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-gc5d7",
  "_gdch_cluster": "root-admin",
  "userAgent": "gatekeeper/v3.7.0 (linux/amd64) 3ba8e93/2021-11-15T20:59:44Z",
  "stage": "RequestReceived",
  "auditID": "3f05e001-38f0-431e-8cc2-61d00d992b6d",
  "kind": "Event",
  "level": "Metadata",
  "apiVersion": "audit.k8s.io/v1",
  "requestURI": "/apis/baremetal.cluster.gke.io/VERSION/addonconfigurations?limit=500",
  "requestReceivedTimestamp": "2022-11-23T23:29:31.952355Z",
  "verb": "list",
  "user": {
    "extra": {
      "authentication.kubernetes.io/pod-name": [
        "gatekeeper-audit-b765495d8-4znjd"
      ],
      "authentication.kubernetes.io/pod-uid": [
        "9e515f53-15bf-4570-9c57-2f53e0b69a5d"
      ]
    },
    "uid": "d5dc180d-1bca-4d84-885d-a871e0b6d5a2",
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:gatekeeper-system",
      "system:authenticated"
    ],
    "username": "system:serviceaccount:gatekeeper-system:gatekeeper-admin"
  },
  "objectRef": {
    "apiGroup": "baremetal.cluster.gke.io",
    "resource": "addonconfigurations",
    "apiVersion": "VERSION"
  },
  "_gdch_service_name": "apiserver"
}

Perubahan data NodePool (operasi CRUD)

Kolom dalam entri log yang berisi informasi audit
Metadata audit	Nama kolom audit	Nilai
Identitas pengguna atau layanan	`user.username`	Misalnya, "user":{ "username":"system:serviceaccount: kube-system:lifecycle-controllers-manager" }
Target (Kolom dan nilai yang memanggil API)	`requestURI`	`"requestURI":"/apis/baremetal.cluster.gke.io/v1/nodepools"`
Tindakan (Kolom yang berisi operasi yang dilakukan)	`verb`	`"verb":"list"`
Stempel waktu peristiwa	`requestReceivedTimestamp`	Misalnya, `"requestReceivedTimestamp":"2022-11-23T23:29:31.952355Z"`
Sumber tindakan	`sourceIPs`	Misalnya, `"sourceIPs":["2022-11-23T23:28:41.742117Z"]`
Hasil	`stage`	Misalnya, `"stage":"ResponseComplete"`
Kolom lainnya	`kind` `objectRef`	Misalnya, "objectRef": { "apiGroup": "baremetal.cluster.gke.io", "resource": "nodepools", "apiVersion": "v1" }

Contoh log

{
  "requestURI": "/apis/baremetal.cluster.gke.io/v1/nodepools",
  "_gdch_cluster": "root-admin",
  "sourceIPs": [
    "10.253.130.147"
  ],
  "stageTimestamp": "2022-11-23T23:28:41.746854Z",
  "responseStatus": {
    "metadata": {},
    "code": 200
  },
  "annotations": {
    "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \
                                  "lifecycl-controllers-manager-rolebinding\" 
                                  of ClusterRole \"lifecycle-controllers-manager\
                                  " to ServiceAccount \"lifecycle-controllers-manager/kube-system\"",
    "authorization.k8s.io/decision": "allow"
  },
  "requestReceivedTimestamp": "2022-11-23T23:28:41.742117Z",
  "userAgent": "manager/v0.0.0 (linux/amd64) kubernetes/$Format",
  "kind": "Event",
  "auditID": "c916fab1-a10b-4df8-b680-71ccb5d339ac",
  "user": {
    "extra": {
      "authentication.kubernetes.io/pod-uid": [
        "0b1e3b51-8bdb-4527-8a34-1ae7577cf0aa"
      ],
      "authentication.kubernetes.io/pod-name": [
        "lifecycle-controllers-manager-7495f9dd99-bfvdg"
      ]
    },
    "groups": [
      "system:serviceaccounts",
      "system:serviceaccounts:kube-system",
      "system:authenticated"
    ],
    "username": "system:serviceaccount:kube-system:lifecycle-controllers-manager",
    "uid": "c84957dc-f483-41c4-b0e1-1a2c9cb93dda"
  },
  "stage": "ResponseComplete",
  "_gdch_fluentbit_pod": "anthos-audit-logs-forwarder-4hlmv",
  "verb": "list",
  "apiVersion": "audit.k8s.io/v1",
  "level": "Metadata",
  "objectRef": {
    "apiGroup": "baremetal.cluster.gke.io",
    "resource": "nodepools",
    "apiVersion": "v1"
  },
  "_gdch_service_name": "apiserver"
}

Cluster Kubernetes (KUB) Tetap teratur dengan koleksi Simpan dan kategorikan konten berdasarkan preferensi Anda.

Perubahan data NodePoolClaim (operasi CRUD)

Perubahan data AddressPoolClaim (operasi CRUD)

Perubahan data SubnetClaim (operasi CRUD)

Perubahan data CIDRClaim (operasi CRUD)

Perubahan data cluster (operasi CRUD)

Perubahan data NodePool (operasi CRUD)

Cluster Kubernetes (KUB)