Container Security API audit logging

This document describes audit logging for Container Security API, including which methods generate audit logs, details about the audit logs each method produces, and which methods do not produce audit logs, if any. Google Cloud generates audit logs that record administrative and access activities within your Google Cloud resources. For more information, see Cloud Audit Logs overview.

Notes

This API cannot be called directly, and is only accessible through the dashboard in the Google Cloud console.

Service name

Container Security API audit logs use the service name containersecurity.googleapis.com.

Methods by permission type

Methods that check DATA_READ, DATA_WRITE, and ADMIN_READ permissions generate logs categorized as Data Access audit logs. Methods that check ADMIN_WRITE permissions generate logs categorized as Admin Activity audit logs.

Permission type Methods
DATA_READ google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings
google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries

Audit logs for each API interface

For information about how and which permissions are evaluated, for each method, see the Identity and Access Management documentation for Container Security API.

google.cloud.containersecurity.v1beta.ContainerSecurity

The following section contains details about audit logs associated with methods belonging to google.cloud.containersecurity.v1beta.ContainerSecurity.

ListFindings

  • Method: google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings
  • Audit log type: Data access
  • Permissions:
    • containersecurity.findings.list - DATA_READ
  • Method is a long-running or streaming operation: No.
  • Filter for this method: protoPayload.methodName="google.cloud.containersecurity.v1beta.ContainerSecurity.ListFindings"

SearchClusterFindingSummaries

  • Method: google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries
  • Audit log type: Data access
  • Permissions:
    • containersecurity.clusterSummaries.list - DATA_READ
  • Method is a long-running or streaming operation: No.
  • Filter for this method: protoPayload.methodName="google.cloud.containersecurity.v1beta.ContainerSecurity.SearchClusterFindingSummaries"