This document describes how to configure Gemini Code Assist logging for a project by using the Google Cloud console or an API.
Limitations
Gemini in Google Cloud log data recording is limited to user interactions with Gemini Code Assist within the IDE.
Additionally, Gemini for Google Cloud doesn't log data for Gemini Code Assist if VS Code telemetry is turned off by the user.
Before you begin
- Ensure your Google Cloud project is attached to a billing account.
(Optional) Grant IAM permissions
To configure Gemini Code Assist logging, you must have specific Identity and Access Management (IAM) permissions, which are detailed in the following sections. Ensure these permissions are added to custom IAM roles.
Alternatively, you can
grant the
Gemini for Google Cloud Settings Admin (roles/cloudaicompanion.settingsAdmin
)
IAM predefined role, which includes all required
permissions needed to work with all Gemini for Google Cloud
administrator settings.
(Optional) Bind permissions to settings and targets
If you are configuring Gemini Code Assist administrator settings in the Google Cloud console, then you can skip this section.
To configure Gemini Code Assist administrator settings with the Gemini for Google Cloud API, you must first create settings, then create bindings to "bind" those settings and targets (such as instance, topic, or projects) for specific products (such as Gemini Cloud Assist or Gemini Code Assist).
All permissions to create and update settings are at the project level.
Configure Gemini Code Assist logging
The following sections provide steps required to enable the collection and storage of Gemini Code Assist activity in Cloud Logging, including:
Gemini Code Assist prompts and response logs, such as user input, contextual information, and responses.
Gemini Code Assist metadata logs, such as telemetry metadata and lines of code accepted by the user.
For more details on both types of log, see View Gemini logs.
Enable logging for Gemini Code Assist
Select one of the following options:
Console
Ensure you have enabled the Cloud Logging API in the project.
Ensure that you have the following Identity and Access Management (IAM) permissions on the project that owns the subscription:
loggingSettings.create
loggingSettings.list
loggingSettings.update
loggingSettings.get
cloudaicompanion.instances.loggingSettings.use
cloudaicompanion.instances.queryEffectiveSetting
settingBindings.loggingSettingsList
settingBindings.loggingSettingsGet
settingBindings.loggingSettingsUpdate
settingBindings.loggingSettingsCreate
cloudaicompanion.settingBindings.loggingSettingsUse
cloudaicompanion.instances.queryEffectiveSettingBindings
In the Google Cloud console, go to the Admin for Gemini page.
The Gemini for Google Cloud page loads.
Click Settings in the left navigation menu.
The Settings page loads.
(Optional) Click Logging for Code Assist metadata to record the metadata from the usage of Gemini Code Assist in the project.
(Optional) Click Logging for Code Assist prompts and responses to record the prompts and responses generated by users of Gemini Code Assist in the project.
Click Save Changes.
API
To enable logging for Gemini Code Assist, use the
loggingSetting
method.
Ensure you have enabled the Cloud Logging API in the project.
Ensure that you have the following Identity and Access Management (IAM) permissions on the project that owns the subscription:
loggingSettings.create
loggingSettings.list
loggingSettings.update
loggingSettings.get
cloudaicompanion.instances.loggingSettings.use
cloudaicompanion.instances.queryEffectiveSetting
settingBindings.loggingSettingsList
settingBindings.loggingSettingsGet
settingBindings.loggingSettingsUpdate
settingBindings.loggingSettingsCreate
cloudaicompanion.settingBindings.loggingSettingsUse
cloudaicompanion.instances.queryEffectiveSettingBindings
Create the setting and a setting-specific value:
Obtain the token:
TOKEN=$(gcloud auth print-access-token)
Enable Gemini Code Assist metadata logs.
Run the following command to create the setting:
curl -X POST \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "log_metadata": true, } ' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings?logging_setting_id=SETTING_ID"
Replace the following:
CONTAINER_PROJECT_NAME
: Enter the parent project ID.SETTING_ID
: Enter a unique setting name, such asgcalm1
forGemini Code Assist log metadata
.
If the command succeeds, it returns a response body that shows the
log_metadata
set totrue
:{ "name": "projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID", "createTime": "2025-01-23T15:22:49.717166932Z", "updateTime": "2025-01-23T15:22:49.717166932Z", "log_metadata": true }
Run the following command to create the Gemini Code Assist metadata logs setting binding:
curl -X POST \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "target": "projects/TARGET_PROJECT_NAME" }' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID/settingBindings?setting_binding_id=BINDING_ID"
Replace the following:
TARGET_PROJECT_NAME
: Enter the target project to which the setting should be applied.SETTING_ID
: Use the same SETTING_ID when you created the setting, but append it withb1
. For example, usegcalmb1
forGemini Code Assist log metadata
.
If the command succeeds, it returns the operation metadata in the following format:
{ "name": "projects/<var>CONTAINER_PROJECT_NAME</var>/locations/global/operations/operation-1737646069712-62c6140bb04bb-49261230-43701daf", "metadata": { "@type": "type.googleapis.com/google.cloud.cloudaicompanion.v1.OperationMetadata", "createTime": "2025-01-23T15:27:50.076075570Z", "target": "projects/<var>TARGET_PROJECT_NAME</var>/locations/global/loggingSettings/<var>SETTING_ID</var>/settingBindings/<var>BINDING_ID</var>", "verb": "create", "requestedCancellation": false, "apiVersion": "v1" }, "done": false }
Enable Gemini Code Assist user logs.
Run the following command to create the setting:
curl -X POST \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "log_prompts_and_responses": true, } ' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings?logging_setting_id=SETTING_ID"
Replace the following:
CONTAINER_PROJECT_NAME
: Enter the parent project ID.SETTING_ID
: Enter a unique setting name, such asgcapar1
forGemini Code Assist prompts and responses
.
If the command succeeds, it returns a response body that shows the
log_prompts_and_responses
set totrue
:{ "name": "projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID", "createTime": "2025-01-23T15:22:49.717166932Z", "updateTime": "2025-01-23T15:22:49.717166932Z", "log_prompts_and_responses": true }
Run the following command to create the Gemini Code Assist user logs setting binding:
curl \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "target": "projects/TARGET_PROJECT_NAME" }' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID/settingBindings?setting_binding_id=BINDING_ID"
Replace the following:
TARGET_PROJECT_NAME
: Enter the target project to which the setting should be applied.SETTING_ID
: Use the same SETTING_ID when you created the setting, but append it withb1
. For example, usegcaparb1
forGemini Code Assist prompts and responses
.
If the command succeeds, it returns the operation metadata in the following format:
{ "name": "projects/<var>CONTAINER_PROJECT_NAME</var>/locations/global/operations/operation-1737646069712-62c6140bb04bb-49261230-43701daf", "metadata": { "@type": "type.googleapis.com/google.cloud.cloudaicompanion.v1.OperationMetadata", "createTime": "2025-01-23T15:27:50.076075570Z", "target": "projects/<var>TARGET_PROJECT_NAME</var>/locations/global/loggingSettings/<var>SETTING_ID</var>/settingBindings/<var>BINDING_ID</var>", "verb": "create", "requestedCancellation": false, "apiVersion": "v1" }, "done": false }
Disable logging for Gemini Code Assist
Select one of the following options:
Console
Ensure that you have the following Identity and Access Management (IAM) permissions on the project that owns the subscription:
loggingSettings.delete
loggingSettings.list
loggingSettings.update
loggingSettings.get
cloudaicompanion.instances.loggingSettings.use
cloudaicompanion.instances.queryEffectiveSetting
settingBindings.loggingSettingsList
settingBindings.loggingSettingsGet
settingBindings.loggingSettingsUpdate
settingBindings.loggingSettingsDelete
cloudaicompanion.settingBindings.loggingSettingsUse
cloudaicompanion.instances.queryEffectiveSettingBindings
In the Google Cloud console, go to the Admin for Gemini page.
The Gemini for Google Cloud page loads.
Click Settings in the left navigation menu.
The Settings page loads.
(Optional) Click Logging for Code Assist metadata to record the metadata from the usage of Gemini Code Assist in the project.
Click Turn off logging.
Click Save Changes.
API
To enable logging for Gemini Code Assist, use the
loggingSetting
method.
Ensure that you have the following Identity and Access Management (IAM) permissions on the project that owns the subscription:
loggingSettings.create
loggingSettings.list
loggingSettings.update
loggingSettings.get
cloudaicompanion.instances.loggingSettings.use
cloudaicompanion.instances.queryEffectiveSetting
settingBindings.loggingSettingsList
settingBindings.loggingSettingsGet
settingBindings.loggingSettingsUpdate
settingBindings.loggingSettingsCreate
serviceusage.services.enable
Create the setting and a setting-specific value:
Obtain the token:
TOKEN=$(gcloud auth print-access-token)
Run the following command to disable the Gemini Code Assist metadata logs setting:
curl -X POST \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "log_metadata": false, } ' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings?logging_metadata_id=SETTING_ID"
Replace the following:
CONTAINER_PROJECT_NAME
: Enter the parent project ID.SETTING_ID
: Enter the existing setting name, such asgcalm1
forGemini Code Assist log metadata
.If the command succeeds, it returns a response body that shows the
log_metadata
set tofalse
:{ "name": "projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID", "createTime": "2025-01-23T15:22:49.717166932Z", "updateTime": "2025-01-23T15:22:49.717166932Z", "log_metadata": false }
Run the following command to disable the Gemini Code Assist user logs setting:
curl -X POST \ -H "Authorization: Bearer $TOKEN" \ -H 'Content-Type: application/json' \ -d '{ "log_prompts_and_responses": false, } ' \ "https://cloudaicompanion.googleapis.com/v1/projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings?logging_setting_id=SETTING_ID"
Replace the following:
CONTAINER_PROJECT_NAME
: Enter the parent project ID.SETTING_ID
: Enter the existing setting name, such asgcapar1
forGemini Code Assist prompts and responses
.If the command succeeds, it returns a response body that shows the
log_prompts_and_responses
set tofalse
:{ "name": "projects/CONTAINER_PROJECT_NAME/locations/global/loggingSettings/SETTING_ID", "createTime": "2025-01-23T15:22:49.717166932Z", "updateTime": "2025-01-23T15:22:49.717166932Z", "log_prompts_and_responses": false }