Specifies the audit configuration for a service.
The configuration determines which permission types are logged, and what
identities, if any, are exempted from logging.
An AuditConfig must have one or more AuditLogConfigs.
If there are AuditConfigs for both allServices and a specific service,
the union of the two AuditConfigs is used for that service: the log_types
specified in each AuditConfig are enabled, and the exempted_members in each
AuditLogConfig are exempted.
Example Policy with multiple AuditConfigs:
{
"audit_configs": [
{
"service": "allServices",
"audit_log_configs": [
{
"log_type": "DATA_READ",
"exempted_members": [
"user:jose@example.com"
]
},
{
"log_type": "DATA_WRITE"
},
{
"log_type": "ADMIN_READ"
}
]
},
{
"service": "sampleservice.googleapis.com",
"audit_log_configs": [
{
"log_type": "DATA_READ"
},
{
"log_type": "DATA_WRITE",
"exempted_members": [
"user:aliya@example.com"
]
}
]
}
]
}
For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
logging. It also exempts jose@example.com from DATA_READ logging, and
aliya@example.com from DATA_WRITE logging.
Specifies a service that will be enabled for audit logging.
For example, storage.googleapis.com, cloudsql.googleapis.com.
allServices is a special value that covers all services.
Specifies a service that will be enabled for audit logging.
For example, storage.googleapis.com, cloudsql.googleapis.com.
allServices is a special value that covers all services.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-02-06 UTC."],[],[]]
