Common audit log format for Google Cloud Platform API operations.
JSON representation | |
---|---|
{ "serviceName": string, "methodName": string, "resourceName": string, "numResponseItems": string, "status": { object ( |
Fields | |
---|---|
serviceName | The name of the API service performing the operation. For example, |
methodName | The name of the service method or operation. For API calls, this should be the name of the API method. For example, |
resourceName | The resource or collection that is the target of the operation. The name is a scheme-less URI, not including the API service name. For example: |
numResponseItems | The number of items returned from a List or Query API method, if applicable. |
status | The status of the overall operation. |
authenticationInfo | Authentication information. |
authorizationInfo[] | Authorization information. If there are multiple resources or permissions involved, then there is one AuthorizationInfo element for each {resource, permission} tuple. |
requestMetadata | Metadata about the operation. |
request | The operation request. This may not include all request parameters, such as those that are too large, privacy-sensitive, or duplicated elsewhere in the log record. It should never include user-generated data, such as file contents. When the JSON object represented here has a proto equivalent, the proto name will be indicated in the |
response | The operation response. This may not include all response elements, such as those that are too large, privacy-sensitive, or duplicated elsewhere in the log record. It should never include user-generated data, such as file contents. When the JSON object represented here has a proto equivalent, the proto name will be indicated in the |
metadata | Other service-specific data about the request, response, and other information associated with the current audited event. |
serviceData | Deprecated. Use the An object containing fields of an arbitrary type. An additional field |
Status
The Status type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by gRPC. Each Status message contains three pieces of data: error code, error message, and error details.
You can find out more about this error model and how to work with it in the API Design Guide.
JSON representation | |
---|---|
{ "code": integer, "message": string, "details": [ { "@type": string, field1: ..., ... } ] } |
Fields | |
---|---|
code | The status code, which should be an enum value of |
message | A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the |
details[] | A list of messages that carry the error details. There is a common set of message types for APIs to use. An object containing fields of an arbitrary type. An additional field |
AuthenticationInfo
Authentication information for the operation.
JSON representation | |
---|---|
{ "principalEmail": string, "authoritySelector": string, "principalSubject": string } |
Fields | |
---|---|
principalEmail | The email address of the authenticated user (or service account on behalf of third party principal) making the request. For third party identity callers, the |
authoritySelector | The authority selector specified by the requestor, if any. It is not guaranteed that the principal was allowed to use this authority. |
principalSubject | String representation of identity of requesting party. Populated for both first and third party identities. Only present for APIs that support third-party identities. |
AuthorizationInfo
Authorization information for the operation.
JSON representation | |
---|---|
{ "resource": string, "permission": string, "granted": boolean } |
Fields | |
---|---|
resource | The resource being accessed, as a REST-style string. For example: |
permission | The required IAM permission. |
granted | Whether or not authorization for |
RequestMetadata
Metadata about the request.
JSON representation | |
---|---|
{ "callerIp": string, "callerSuppliedUserAgent": string } |
Fields | |
---|---|
callerIp | The IP address of the caller. For a caller from the internet, this will be a public IPv4 or IPv6 address. For a caller from a Compute Engine VM with an external IP address, this will be the VM's external IP address. For a caller from a Compute Engine VM without an external IP address, if the VM is in the same organization (or project) as the accessed resource, |
callerSuppliedUserAgent | The user agent of the caller. This information is not authenticated and should be treated accordingly. For example: |
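
A triage sketch over the fields documented above, added here as an example and not code from Google or from this reference: it flags entries with a non-zero status code or an ungranted {resource, permission} tuple, and keeps `callerSuppliedUserAgent` labelled as unverified. The sample entries, service name, method names and permission names are constructed, and treating an omitted `granted` as false is an assumption.

```python
# Constructed sample AuditLog payloads (not real log data).
ALLOWED = {
    "serviceName": "example.googleapis.com",
    "methodName": "example.v1.Widgets.Get",
    "resourceName": "projects/example-project/widgets/w1",
    "authenticationInfo": {"principalEmail": "alice@example.com"},
    "authorizationInfo": [{"resource": "projects/example-project/widgets/w1",
                           "permission": "example.widgets.get", "granted": True}],
    "requestMetadata": {"callerIp": "203.0.113.10",
                        "callerSuppliedUserAgent": "constructed-agent/1.0"},
}
DENIED = {
    "serviceName": "example.googleapis.com",
    "methodName": "example.v1.Widgets.Delete",
    "resourceName": "projects/example-project/widgets/w1",
    "status": {"code": 7, "message": "Permission denied"},  # 7 = PERMISSION_DENIED
    "authenticationInfo": {"principalSubject": "constructed-subject-id"},
    # Assumption: an omitted "granted" means false (JSON encoders often drop defaults).
    "authorizationInfo": [{"resource": "projects/example-project/widgets/w1",
                           "permission": "example.widgets.delete"}],
    "requestMetadata": {"callerIp": "198.51.100.7"},
}

def denied_permissions(audit_log):
    """Return (resource, permission) for each tuple that was not granted."""
    return [(a.get("resource", ""), a.get("permission", ""))
            for a in audit_log.get("authorizationInfo", [])
            if a.get("granted") is not True]

def summarize(audit_log):
    """Flatten the fields a triage analyst reads first."""
    auth = audit_log.get("authenticationInfo", {})
    meta = audit_log.get("requestMetadata", {})
    return {
        "principal": auth.get("principalEmail") or auth.get("principalSubject") or "<unknown>",
        "method": audit_log.get("methodName", ""),
        "resource": audit_log.get("resourceName", ""),
        "caller_ip": meta.get("callerIp"),
        # Caller-supplied and unauthenticated: record it, never trust it.
        "user_agent_unverified": meta.get("callerSuppliedUserAgent"),
        "status_code": audit_log.get("status", {}).get("code", 0),
        "denied": denied_permissions(audit_log),
    }

def needs_review(audit_log):
    """Flag entries with a non-zero status code or any ungranted permission."""
    s = summarize(audit_log)
    return s["status_code"] != 0 or bool(s["denied"])
```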