Access Context Manager GCP-accesscontextmanager.googleapis.com
11 operations, identified by methodName in the audit log.
| methodName | Description |
|---|---|
| any | Catch-all entry for accesscontextmanager.googleapis.com. Source-only rules that attribute to the service without a specific method attribute here. Not a distinct audit log operation. |
| google-identity-accesscontextmanager-AccessContextManager-CommitServicePerimeters | Commit the dry-run spec for all the Service Perimeters in an Access Policy. A commit operation on a Service Perimeter involves copying its spec field to that Service Perimeter's status field. |
| google-identity-accesscontextmanager-AccessContextManager-CreateAccessLevel | Creates an access level. |
| google-identity-accesscontextmanager-AccessContextManager-CreateAccessPolicy | Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage. |
| google-identity-accesscontextmanager-AccessContextManager-CreateServicePerimeter | Creates a Service Perimeter. |
| google-identity-accesscontextmanager-AccessContextManager-DeleteAccessLevel | Deletes an Access Level based on the resource name. |
| google-identity-accesscontextmanager-AccessContextManager-DeleteAccessPolicy | Deletes an access policy based on the resource name. |
| google-identity-accesscontextmanager-AccessContextManager-DeleteServicePerimeter | Deletes a Service Perimeter based on the resource name. |
| google-identity-accesscontextmanager-AccessContextManager-UpdateAccessLevel | Updates an Access Level. The long-running operation from this RPC has a successful status after the changes to the Access Level propagate to long-lasting storage. |
| google-identity-accesscontextmanager-AccessContextManager-UpdateAccessPolicy | Updates an access policy. The long-running operation from this RPC has a successful status after the changes to the access policy propagate to long-lasting storage. |
| google-identity-accesscontextmanager-AccessContextManager-UpdateServicePerimeter | Updates a Service Perimeter. The long-running operation from this RPC has a successful status after the changes to the Service Perimeter propagate to long-lasting storage. |
any: accesscontextmanager.googleapis.com (any method)
#Description
Catch-all entry for accesscontextmanager.googleapis.com. Source-only rules that attribute to the service without a specific method attribute here. Not a distinct audit log operation.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-CommitServicePerimeters: Commit service perimeters
#Description
Commit the dry-run spec for all the Service Perimeters in an Access Policy. A commit operation on a Service Perimeter involves copying its spec field to that Service Perimeter's status field.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-CreateAccessLevel: Create access level
#Description
Creates an access level.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-CreateAccessPolicy: Create access policy
#Description
Creates an access policy. This method fails if the organization already has an access policy. The long-running operation has a successful status after the access policy propagates to long-lasting storage.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-CreateServicePerimeter: Create service perimeter
#Description
Creates a Service Perimeter.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-DeleteAccessLevel: Delete access level
#Description
Deletes an Access Level based on the resource name.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-DeleteAccessPolicy: Delete access policy
#Description
Deletes an access policy based on the resource name.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-DeleteServicePerimeter: Delete service perimeter
#Description
Deletes a Service Perimeter based on the resource name.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-UpdateAccessLevel: Update access level
#Description
Updates an Access Level. The long-running operation from this RPC has a successful status after the changes to the Access Level propagate to long-lasting storage.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-UpdateAccessPolicy: Update access policy
#Description
Updates an access policy. The long-running operation from this RPC has a successful status after the changes to the access policy propagate to long-lasting storage.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |
google-identity-accesscontextmanager-AccessContextManager-UpdateServicePerimeter: Update service perimeter
#Description
Updates a Service Perimeter. The long-running operation from this RPC has a successful status after the changes to the Service Perimeter propagate to long-lasting storage.
Fields #
| Name | Description |
|---|---|
protoPayload.serviceName | The GCP service endpoint that processed the request (e.g. compute.googleapis.com). |
protoPayload.methodName | The specific API operation that was audited (versioned form, e.g. v1.compute.instances.insert). |
protoPayload.resourceName | Scheme-less URI of the resource targeted by the operation. |
protoPayload.authenticationInfo.principalEmail | Email address of the principal that performed the operation. |
protoPayload.requestMetadata.callerIp | IP address of the caller. |
protoPayload.requestMetadata.callerSuppliedUserAgent | User agent reported by the caller. |
protoPayload.authorizationInfo | List of authorization checks performed (resource, permission, granted). |
protoPayload.request | API request object (service-specific structure). |
protoPayload.response | API response object (service-specific structure). |
logName | Log stream identifier; suffix encodes the audit log type (activity, data_access, system_event, policy). |