Returns a list of services that allow you to opt into audit logs that are not generated by default.
To learn more about audit logs, see the Logging documentation.
HTTP request
POST https://iam.googleapis.com/v1/iamPolicies:queryAuditableServices
The URL uses gRPC Transcoding syntax.
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "fullResourceName": string } |
Fields | |
---|---|
full |
Required. The full resource name to query from the list of auditable services. The name follows the Google Cloud Platform resource format. For example, a Cloud Platform project with id |
Response body
A response containing a list of auditable services for a resource.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"services": [
{
object ( |
Fields | |
---|---|
services[] |
The auditable services for a resource. |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
AuditableService
Contains information about an auditable service.
JSON representation |
---|
{ "name": string } |
Fields | |
---|---|
name |
Public name of the service. For example, the service name for IAM is 'iam.googleapis.com'. |
.NET client library を使用します。 Go client library を使用します。 Java client library を使用します。 Node.js client library を使用します。 PHP client library を使用します。 Python client library を使用します。 Ruby client library を使用します。例
// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the C# client library by adding a dependency on the relevant NuGet
// package. Libraries published by Google are owned by google-apis-packages:
// https://www.nuget.org/profiles/google-apis-packages
using Google.Apis.Auth.OAuth2;
using Google.Apis.Services;
using Google.Apis.Iam.v1;
using Newtonsoft.Json;
using System;
using System.Threading.Tasks;
using Data = Google.Apis.Iam.v1.Data;
namespace IamSample
{
public class IamExample
{
public static void Main(string[] args)
{
IamService iamService = new IamService(new BaseClientService.Initializer
{
HttpClientInitializer = GetCredential(),
ApplicationName = "Google-iamSample/0.1",
});
// TODO: Assign values to desired properties of `requestBody`:
Data.QueryAuditableServicesRequest requestBody = new Data.QueryAuditableServicesRequest();
IamPoliciesResource.QueryAuditableServicesRequest request = iamService.IamPolicies.QueryAuditableServices(requestBody);
// To execute asynchronously in an async method, replace `request.Execute()` as shown:
Data.QueryAuditableServicesResponse response = request.Execute();
// Data.QueryAuditableServicesResponse response = await request.ExecuteAsync();
// TODO: Change code below to process the `response` object:
Console.WriteLine(JsonConvert.SerializeObject(response));
}
public static GoogleCredential GetCredential()
{
GoogleCredential credential = Task.Run(() => GoogleCredential.GetApplicationDefaultAsync()).Result;
if (credential.IsCreateScopedRequired)
{
credential = credential.CreateScoped("https://www.googleapis.com/auth/cloud-platform");
}
return credential;
}
}
}package main
// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk/ and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install and update the Go dependencies by running `go get -u` in the
// project directory.
import (
"fmt"
"log"
"golang.org/x/net/context"
"golang.org/x/oauth2/google"
"google.golang.org/api/iam/v1"
)
func main() {
ctx := context.Background()
iamService, err := iam.NewService(ctx)
if err != nil {
log.Fatal(err)
}
rb := &iam.QueryAuditableServicesRequest{
// TODO: Add desired fields of the request body.
}
resp, err := iamService.IamPolicies.QueryAuditableServices(rb).Context(ctx).Do()
if err != nil {
log.Fatal(err)
}
// TODO: Change code below to process the `resp` object:
fmt.Printf("%#v\n", resp)
}/*
* BEFORE RUNNING:
* ---------------
* 1. If not already done, enable the Identity and Access Management (IAM) API
* and check the quota for your project at
* https://console.developers.google.com/apis/api/iam
* 2. This sample uses Application Default Credentials for authentication.
* If not already done, install the gcloud CLI from
* https://cloud.google.com/sdk and run
* `gcloud beta auth application-default login`.
* For more information, see
* https://developers.google.com/identity/protocols/application-default-credentials
* 3. Install the Java client library on Maven or Gradle. Check installation
* instructions at https://github.com/google/google-api-java-client.
* On other build systems, you can add the jar files to your project from
* https://developers.google.com/resources/api-libraries/download/iam/v1/java
*/
import com.google.api.client.googleapis.auth.oauth2.GoogleCredential;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.http.HttpTransport;
import com.google.api.client.json.JsonFactory;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.services.iam.v1.Iam;
import com.google.api.services.iam.v1.model.QueryAuditableServicesRequest;
import com.google.api.services.iam.v1.model.QueryAuditableServicesResponse;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Arrays;
public class IamExample {
public static void main(String args[]) throws IOException, GeneralSecurityException {
// TODO: Assign values to desired fields of `requestBody`:
QueryAuditableServicesRequest requestBody = new QueryAuditableServicesRequest();
Iam iamService = createIamService();
Iam.IamPolicies.QueryAuditableServices request =
iamService.iamPolicies().queryAuditableServices(requestBody);
QueryAuditableServicesResponse response = request.execute();
// TODO: Change code below to process the `response` object:
System.out.println(response);
}
public static Iam createIamService() throws IOException, GeneralSecurityException {
HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();
JsonFactory jsonFactory = JacksonFactory.getDefaultInstance();
GoogleCredential credential = GoogleCredential.getApplicationDefault();
if (credential.createScopedRequired()) {
credential =
credential.createScoped(Arrays.asList("https://www.googleapis.com/auth/cloud-platform"));
}
return new Iam.Builder(httpTransport, jsonFactory, credential)
.setApplicationName("Google-iamSample/0.1")
.build();
}
}// BEFORE RUNNING:
// ---------------
// 1. If not already done, enable the Identity and Access Management (IAM) API
// and check the quota for your project at
// https://console.developers.google.com/apis/api/iam
// 2. This sample uses Application Default Credentials for authentication.
// If not already done, install the gcloud CLI from
// https://cloud.google.com/sdk and run
// `gcloud beta auth application-default login`.
// For more information, see
// https://developers.google.com/identity/protocols/application-default-credentials
// 3. Install the Node.js client library by running
// `npm install googleapis --save`
const {google} = require('googleapis');
const iam = google.iam('v1');
async function main () {
const authClient = await authorize();
const request = {
resource: {
// TODO: Add desired properties to the request body.
},
auth: authClient,
};
try {
const response = (await iam.iamPolicies.queryAuditableServices(request)).data;
// TODO: Change code below to process the `response` object:
console.log(JSON.stringify(response, null, 2));
} catch (err) {
console.error(err);
}
}
main();
async function authorize() {
const auth = new google.auth.GoogleAuth({
scopes: ['https://www.googleapis.com/auth/cloud-platform']
});
return await auth.getClient();
}<?php
/*
* BEFORE RUNNING:
* ---------------
* 1. If not already done, enable the Identity and Access Management (IAM) API
* and check the quota for your project at
* https://console.developers.google.com/apis/api/iam
* 2. This sample uses Application Default Credentials for authentication.
* If not already done, install the gcloud CLI from
* https://cloud.google.com/sdk and run
* `gcloud beta auth application-default login`.
* For more information, see
* https://developers.google.com/identity/protocols/application-default-credentials
* 3. Install the PHP client library with Composer. Check installation
* instructions at https://github.com/google/google-api-php-client.
*/
// Autoload Composer.
require_once __DIR__ . '/vendor/autoload.php';
$client = new Google_Client();
$client->setApplicationName('Google-iamSample/0.1');
$client->useApplicationDefaultCredentials();
$client->addScope('https://www.googleapis.com/auth/cloud-platform');
$service = new Google_Service_Iam($client);
// TODO: Assign values to desired properties of `requestBody`:
$requestBody = new Google_Service_Iam_QueryAuditableServicesRequest();
$response = $service->iamPolicies->queryAuditableServices($requestBody);
// TODO: Change code below to process the `response` object:
echo '<pre>', var_export($response, true), '</pre>', "\n";
?>"""
BEFORE RUNNING:
---------------
1. If not already done, enable the Identity and Access Management (IAM) API
and check the quota for your project at
https://console.developers.google.com/apis/api/iam
2. This sample uses Application Default Credentials for authentication.
If not already done, install the gcloud CLI from
https://cloud.google.com/sdk and run
`gcloud beta auth application-default login`.
For more information, see
https://developers.google.com/identity/protocols/application-default-credentials
3. Install the Python client library for Google APIs by running
`pip install --upgrade google-api-python-client`
4. Install the OAuth 2.0 client for Google APIs by running
`pip install --upgrade oauth2client`
"""
from pprint import pprint
from googleapiclient import discovery
from oauth2client.client import GoogleCredentials
credentials = GoogleCredentials.get_application_default()
service = discovery.build('iam', 'v1', credentials=credentials)
query_auditable_services_request_body = {
# TODO: Add desired entries to the request body.
}
request = service.iamPolicies().queryAuditableServices(body=query_auditable_services_request_body)
response = request.execute()
# TODO: Change code below to process the `response` dict:
pprint(response)# BEFORE RUNNING:
# ---------------
# 1. If not already done, enable the Identity and Access Management (IAM) API
# and check the quota for your project at
# https://console.developers.google.com/apis/api/iam
# 2. This sample uses Application Default Credentials for authentication.
# If not already done, install the gcloud CLI from
# https://cloud.google.com/sdk and run
# `gcloud beta auth application-default login`.
# For more information, see
# https://developers.google.com/identity/protocols/application-default-credentials
# 3. Install the Ruby client library and Application Default Credentials
# library by running `gem install google-api-client` and
# `gem install googleauth`
require 'googleauth'
require 'google/apis/iam_v1'
service = Google::Apis::IamV1::IamService.new
service.authorization = \
Google::Auth.get_application_default(['https://www.googleapis.com/auth/cloud-platform'])
# TODO: Assign values to desired members of `request_body`:
request_body = Google::Apis::IamV1::QueryAuditableServicesRequest.new
response = service.query_iam_policy_auditable_services(request_body)
# TODO: Change code below to process the `response` object:
puts response.to_json