Class: Google::Iam::V1::AuditLogConfig
- Inherits:
-
Object
- Object
- Google::Iam::V1::AuditLogConfig
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/iam/v1/policy.rb
Overview
Provides the configuration for logging a type of permissions. Example:
{
"audit_log_configs": [
{
"log_type": "DATA_READ",
"exempted_members": [
"user:[email protected]"
]
},
{
"log_type": "DATA_WRITE"
}
]
}
This enables ‘DATA_READ’ and ‘DATA_WRITE’ logging, while exempting [email protected] from DATA_READ logging.
Defined Under Namespace
Modules: LogType
Instance Attribute Summary collapse
-
#exempted_members ⇒ ::Array<::String>
Specifies the identities that do not cause logging for this type of permission.
-
#log_type ⇒ ::Google::Iam::V1::AuditLogConfig::LogType
The log type that this config enables.
Instance Attribute Details
#exempted_members ⇒ ::Array<::String>
Returns Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 |
# File 'proto_docs/google/iam/v1/policy.rb', line 317 class AuditLogConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The list of valid permission types for which logging can be configured. # Admin writes are always logged, and are not configurable. module LogType # Default case. Should never be this. LOG_TYPE_UNSPECIFIED = 0 # Admin reads. Example: CloudIAM getIamPolicy ADMIN_READ = 1 # Data writes. Example: CloudSQL Users create DATA_WRITE = 2 # Data reads. Example: CloudSQL Users list DATA_READ = 3 end end |
#log_type ⇒ ::Google::Iam::V1::AuditLogConfig::LogType
Returns The log type that this config enables.
317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 |
# File 'proto_docs/google/iam/v1/policy.rb', line 317 class AuditLogConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # The list of valid permission types for which logging can be configured. # Admin writes are always logged, and are not configurable. module LogType # Default case. Should never be this. LOG_TYPE_UNSPECIFIED = 0 # Admin reads. Example: CloudIAM getIamPolicy ADMIN_READ = 1 # Data writes. Example: CloudSQL Users create DATA_WRITE = 2 # Data reads. Example: CloudSQL Users list DATA_READ = 3 end end |