This document describes audit logging for Container Security API, including which methods generate audit logs, details about the audit logs each method produces, and which methods do not produce audit logs, if any. Google Cloud generates audit logs that record administrative and access activities within your Google Cloud resources. For more information, see Cloud Audit Logs overview.
Notes
This API cannot be called directly, and is only accessible through the dashboard in the Google Cloud console.
Service name
Container Security API audit logs use the service name containersecurity.googleapis.com
.
Methods by permission type
Methods that check DATA_READ
, DATA_WRITE
, and
ADMIN_READ
permissions generate logs categorized as
Data Access audit logs.
Methods that check ADMIN_WRITE
permissions generate logs
categorized as
Admin Activity audit logs.
Permission type | Methods |
---|---|
DATA_READ |
google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries |
Audit logs for each API interface
For information about how and which permissions are evaluated, for each method, see the Identity and Access Management documentation for Container Security API.
google.cloud.containersecurity.v1beta.ContainerSecurity
The following section contains details about audit logs associated with
methods belonging to google.cloud.containersecurity.v1beta.ContainerSecurity
.
ListFindings
- Method:
google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings
- Audit log type: Data access
- Permissions:
containersecurity.findings.list - DATA_READ
- Method is a long-running or streaming operation:
No.
- Filter for this method:
protoPayload.methodName="google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings"
SearchClusterFindingSummaries
- Method:
google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries
- Audit log type: Data access
- Permissions:
containersecurity.clusterSummaries.list - DATA_READ
- Method is a long-running or streaming operation:
No.
- Filter for this method:
protoPayload.methodName="google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries"