Marketplace (MKT)
Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
| Lokasi workload |
Hanya workload organisasi
|
| Sumber log audit |
KRM API
|
| Operasi yang diaudit |
|
Membuat layanan Marketplace
| Kolom dalam entri log yang berisi informasi audit |
| Metadata audit |
Nama kolom audit |
Nilai |
| Identitas pengguna atau layanan |
username |
Misalnya,
"username": "system:serviceaccount:gpc-system:mkt-controller"
|
|
Target
(Kolom dan nilai yang memanggil API)
|
apiGroup |
Misalnya,
"apiGroup": "marketplace.gdc.goog"
|
|
Tindakan
(Kolom yang berisi operasi yang dilakukan)
|
verb |
Misalnya,
"verb": "create"
|
| Stempel waktu peristiwa |
requestReceivedTimestamp |
Misalnya,
"requestReceivedTimestamp":"2022-12-04T03:07:21.657328Z"
|
| Sumber tindakan |
userAgent |
Misalnya,
"userAgent": "fleet-admin-cm/v0.0.0 (linux/amd64) kubernetes/$Format"
|
| Hasil |
response_code |
Misalnya,
"response_code":"200"
|
| Kolom lainnya |
Tidak berlaku |
Tidak berlaku |
Contoh log
{
"_gdch_cluster": "org-1-admin",
"apiVersion": "audit.k8s.io/v1",
"auditID": "c142325e-8dee-4f36-b392-6d4dfe33947f",
"kind": "Event",
"level": "Metadata",
"objectRef": {
"name": "dataproc-service",
"namespace": "gpc-system",
"resource": "marketplaceservices",
"apiGroup": "marketplace.gdc.goog",
"apiVersion": "v1alpha1"
},
"requestReceivedTimestamp": "2022-12-04T03:07:21.657328Z",
"requestURI": "/apis/marketplace.gdc.goog/v1alpha1/namespaces/gpc-system/marketplaceservices"
"responseStatus": {
"code": 201,
"metadata": {},
}
"sourceIPs": [
"10.53.166.199"
],
"stage": "ResponseComplete",
"stageTimestamp": "2022-12-04T03:07:21.657328Z",
"user": {
"extra": {
"authentication.kubernetes.io/pod-name": [
"fleet-admin-controller-59cc779bfd-vtx96"
],
"authentication.kubernetes.io/pod-uid": [
"3f656979-43ea-4012-892c-a595cf94a17b"
]
}
"username": "system:serviceaccount:gpc-system:mkt-controller",
"uid": "884009bb-d50c-46a1-a68c-8fa1b91da675"
"groups": [
"system:serviceaccounts",
"system:serviceaccounts:gpc-system",
"system:authenticated"
]
},
"userAgent": "fleet-admin-cm/v0.0.0 (linux/amd64) kubernetes/$Format",
"verb": "create"
}
Memperbarui layanan Marketplace
| Kolom dalam entri log yang berisi informasi audit |
| Metadata audit |
Nama kolom audit |
Nilai |
| Identitas pengguna atau layanan |
username |
Misalnya,
"username": "kubernetes-admin"
|
|
Target
(Kolom dan nilai yang memanggil API)
|
apiGroup |
Misalnya,
"apiGroup": "marketplace.gdc.goog"
|
|
Tindakan
(Kolom yang berisi operasi yang dilakukan)
|
verb |
Misalnya,
"verb": "patch"
|
| Stempel waktu peristiwa |
requestReceivedTimestamp |
Misalnya,
"requestReceivedTimestamp":"2022-12-03T01:09:47.451242Z"
|
| Sumber tindakan |
userAgent |
Misalnya,
"userAgent": "kubectl/v1.23.5 (linux/amd64) kubernetes/c285e78"
|
| Hasil |
response_code |
Misalnya,
"response_code":"200"
|
| Kolom lainnya |
Tidak berlaku |
Tidak berlaku |
Contoh log
{
"cluster": "org-1-admin",
"apiVersion": "audit.k8s.io/v1",
"auditID": "c142325e-8dee-4f36-b392-6d4dfe33947f",
"kind": "Event",
"level": "Metadata",
"objectRef": {
"name": "dataproc-service",
"namespace": "gpc-system",
"resource": "marketplaceservices",
"apiGroup": "marketplace.gdc.goog",
"apiVersion": "v1alpha1"
},
"requestReceivedTimestamp": "2022-12-04T03:07:21.657328Z",
"requestURI": "/apis/marketplace.gdc.goog/v1alpha1/namespaces/gpc-system/marketplaceservices/dataproc-service?fieldManager=kubectl-edit"
"responseStatus": {
"code": 201,
"metadata": {},
}
"sourceIPs": [
"10.200.0.6"
],
"stage": "ResponseComplete",
"stageTimestamp": "2022-12-04T03:07:21.657328Z",
"user": {
"groups": [
"system:masters",
"system:authenticated"
],
"username": "kubernetes-admin"
},
"userAgent": "kubectl/v1.23.5 (linux/amd64) kubernetes/c285e78",
"verb": "patch"
}
Mencabut atau memberikan akses ke layanan Marketplace
| Kolom dalam entri log yang berisi informasi audit |
| Metadata audit |
Nama kolom audit |
Nilai |
| Identitas pengguna atau layanan |
username |
Misalnya,
"username": "fop-platform-admin@example.com"
|
|
Target
(Kolom dan nilai yang memanggil API)
|
apiGroup |
Misalnya,
"apiGroup": "rbac.authorization.k8s.io"
|
|
Tindakan
(Kolom yang berisi operasi yang dilakukan)
|
verb |
Misalnya,
"verb": "create"
|
| Stempel waktu peristiwa |
time |
Misalnya,
"time":"2022-12-04T02:00:17.475634Z"
|
| Sumber tindakan |
username |
Misalnya,
"username": "fop-platform-admin@example.com"
|
| Hasil |
response_code |
Misalnya,
"response_code":"201"
|
| Kolom lainnya |
Tidak berlaku |
Tidak berlaku |
Contoh log
{
"cluster": "org-1-admin",
"apiVersion": "audit.k8s.io/v1",
"auditID": "c142325e-8dee-4f36-b392-6d4dfe33947f",
"impersonatedUser": {
"groups": [
"system:authenticated"
"username": "fop-platform-admin@example.com"
}
"kind": "Event",
"level": "Metadata",
"objectRef": {
"apiVersion": "v1"
"name": "user-fop-platform-admin--example--com-marketplace-viewer",
"resource": "clusterrolebindings",
"apiGroup": "rbac.authorization.k8s.io",
},
"requestReceivedTimestamp": "2022-12-04T03:07:21.657328Z",
"requestURI": "/apis/rbac.authorization.k8s.io/v1/clusterrolebindings"
"responseStatus": {
"code": 201,
"metadata": {},
}
"sourceIPs": [
"10.253.164.220"
],
"stage": "ResponseComplete",
"stageTimestamp": "2022-12-04T03:07:21.657328Z",
"user": {
"extra": {
"authentication.kubernetes.io/pod-name": [
"fleet-admin-gateway-server-c8b7f879c-zwchc"
],
"authentication.kubernetes.io/pod-uid": [
"f0ec7e0-a604-4b70-a5fc-793e0c158349"
]
}
"username": "system:serviceaccount:gpc-system:fleet-admin-gateway-server-sa",
"uid": "72904c96-d59a-4344-8408-5751f42ffdd88"
"groups": [
"system:serviceaccounts",
"system:serviceaccounts:gpc-system",
"system:authenticated"
},
"userAgent": "ui-gateway-server/v0.0.0 (linux/amd64) kubernetes/$Format",
"verb": "create"
}
Kecuali dinyatakan lain, konten di halaman ini dilisensikan berdasarkan Lisensi Creative Commons Attribution 4.0, sedangkan contoh kode dilisensikan berdasarkan Lisensi Apache 2.0. Untuk mengetahui informasi selengkapnya, lihat Kebijakan Situs Google Developers. Java adalah merek dagang terdaftar dari Oracle dan/atau afiliasinya.
Terakhir diperbarui pada 2025-09-04 UTC.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[[["\u003cp\u003eThis document provides details on audit logs for organization-only workloads related to Marketplace services.\u003c/p\u003e\n"],["\u003cp\u003eThe audit log source is the KRM API, and the audited operations include creating, updating, and managing access to Marketplace services.\u003c/p\u003e\n"],["\u003cp\u003eEach log entry contains audit metadata like user identity, the target API group, the action performed (verb), event timestamp, source of action, and outcome (response code).\u003c/p\u003e\n"],["\u003cp\u003eSpecific examples of log entries are provided for creating a service, updating a service, and granting/revoking access to a service, each outlining key audit fields and values.\u003c/p\u003e\n"],["\u003cp\u003eThe "verb" field within the audit logs indicates the specific action performed, such as "create," "patch," in addition to, while "response_code" indicates the success or failure, like 201 or 200.\u003c/p\u003e\n"]]],[],null,["# Marketplace (MKT)\n\nCreating a Marketplace service\n------------------------------\n\n**Example log** \n\n {\n \"_gdch_cluster\": \"org-1-admin\",\n \"apiVersion\": \"audit.k8s.io/v1\",\n \"auditID\": \"c142325e-8dee-4f36-b392-6d4dfe33947f\",\n \"kind\": \"Event\",\n \"level\": \"Metadata\",\n \"objectRef\": {\n \"name\": \"dataproc-service\",\n \"namespace\": \"gpc-system\",\n \"resource\": \"marketplaceservices\",\n \"apiGroup\": \"marketplace.gdc.goog\",\n \"apiVersion\": \"v1alpha1\"\n },\n \"requestReceivedTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"requestURI\": \"/apis/marketplace.gdc.goog/v1alpha1/namespaces/gpc-system/marketplaceservices\"\n \"responseStatus\": {\n \"code\": 201,\n \"metadata\": {},\n }\n \"sourceIPs\": [\n \"10.53.166.199\"\n ],\n \"stage\": \"ResponseComplete\",\n \"stageTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"user\": {\n \"extra\": {\n \"authentication.kubernetes.io/pod-name\": [\n \"fleet-admin-controller-59cc779bfd-vtx96\"\n ],\n \"authentication.kubernetes.io/pod-uid\": [\n \"3f656979-43ea-4012-892c-a595cf94a17b\"\n ]\n }\n \"username\": \"system:serviceaccount:gpc-system:mkt-controller\",\n \"uid\": \"884009bb-d50c-46a1-a68c-8fa1b91da675\"\n \"groups\": [\n \"system:serviceaccounts\",\n \"system:serviceaccounts:gpc-system\",\n \"system:authenticated\"\n ]\n },\n \"userAgent\": \"fleet-admin-cm/v0.0.0 (linux/amd64) kubernetes/$Format\",\n \"verb\": \"create\"\n }\n\nUpdating a Marketplace service\n------------------------------\n\n**Example log** \n\n {\n \"cluster\": \"org-1-admin\",\n \"apiVersion\": \"audit.k8s.io/v1\",\n \"auditID\": \"c142325e-8dee-4f36-b392-6d4dfe33947f\",\n \"kind\": \"Event\",\n \"level\": \"Metadata\",\n \"objectRef\": {\n \"name\": \"dataproc-service\",\n \"namespace\": \"gpc-system\",\n \"resource\": \"marketplaceservices\",\n \"apiGroup\": \"marketplace.gdc.goog\",\n \"apiVersion\": \"v1alpha1\"\n },\n \"requestReceivedTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"requestURI\": \"/apis/marketplace.gdc.goog/v1alpha1/namespaces/gpc-system/marketplaceservices/dataproc-service?fieldManager=kubectl-edit\"\n \"responseStatus\": {\n \"code\": 201,\n \"metadata\": {},\n }\n \"sourceIPs\": [\n \"10.200.0.6\"\n ],\n \"stage\": \"ResponseComplete\",\n \"stageTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"user\": {\n \"groups\": [\n \"system:masters\",\n \"system:authenticated\"\n ],\n \"username\": \"kubernetes-admin\"\n },\n \"userAgent\": \"kubectl/v1.23.5 (linux/amd64) kubernetes/c285e78\",\n \"verb\": \"patch\"\n }\n\nRevoking or granting access to a Marketplace service\n----------------------------------------------------\n\n**Example log** \n\n {\n \"cluster\": \"org-1-admin\",\n \"apiVersion\": \"audit.k8s.io/v1\",\n \"auditID\": \"c142325e-8dee-4f36-b392-6d4dfe33947f\",\n \"impersonatedUser\": {\n \"groups\": [\n \"system:authenticated\"\n \"username\": \"fop-platform-admin@example.com\"\n }\n \"kind\": \"Event\",\n \"level\": \"Metadata\",\n \"objectRef\": {\n \"apiVersion\": \"v1\"\n \"name\": \"user-fop-platform-admin--example--com-marketplace-viewer\",\n \"resource\": \"clusterrolebindings\",\n \"apiGroup\": \"rbac.authorization.k8s.io\",\n },\n \"requestReceivedTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"requestURI\": \"/apis/rbac.authorization.k8s.io/v1/clusterrolebindings\"\n \"responseStatus\": {\n \"code\": 201,\n \"metadata\": {},\n }\n \"sourceIPs\": [\n \"10.253.164.220\"\n ],\n \"stage\": \"ResponseComplete\",\n \"stageTimestamp\": \"2022-12-04T03:07:21.657328Z\",\n \"user\": {\n \"extra\": {\n \"authentication.kubernetes.io/pod-name\": [\n \"fleet-admin-gateway-server-c8b7f879c-zwchc\"\n ],\n \"authentication.kubernetes.io/pod-uid\": [\n \"f0ec7e0-a604-4b70-a5fc-793e0c158349\"\n ]\n }\n \"username\": \"system:serviceaccount:gpc-system:fleet-admin-gateway-server-sa\",\n \"uid\": \"72904c96-d59a-4344-8408-5751f42ffdd88\"\n \"groups\": [\n \"system:serviceaccounts\",\n \"system:serviceaccounts:gpc-system\",\n \"system:authenticated\"\n },\n \"userAgent\": \"ui-gateway-server/v0.0.0 (linux/amd64) kubernetes/$Format\",\n \"verb\": \"create\"\n }"]]
