Audit Logs
Audit logs help you answer “Who did what, where, and when?”. Audit logs allow us to view all the changes that have happened on GCP resources. There are 4 types of audit logs supported in GCP.
- Admin Activity: These contain log entries for API calls and other operations that change the configuration or metadata of resources. They are created even if the Cloud Logging API is disabled.
- Data access: These include API calls that generate, edit, or read user-provided resource data.
- System event: Log entries for Google Cloud activities that change resource settings are found in System Event audit logs.
- Policy Denied: These are recorded when a Google Cloud service denies access to a user when the security policy is violated.
| Feature | Admin Activity | Data access | System Event | Policy Denied |
|---|---|---|---|---|
| Enabled by default | Yes | No | Yes | Yes |
| Chargeable | No | Charged based on the volume of log data | No | Charged based on the volume of log data |
| Default retention period | 400 days | 30 days | 400 days | 30 days |
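As an added illustration (not part of the original article), the following Python maps exported log entries to the four audit log types by their log ID and extracts the "who did what, where, and when" fields. The project, principals, resources and function names are constructed for the example.

```python
import json
from urllib.parse import unquote

# Log IDs that Cloud Audit Logs uses for the four types described above.
AUDIT_TYPES = {
    "cloudaudit.googleapis.com/activity": "Admin Activity",
    "cloudaudit.googleapis.com/data_access": "Data Access",
    "cloudaudit.googleapis.com/system_event": "System Event",
    "cloudaudit.googleapis.com/policy": "Policy Denied",
}

def summarize(entry):
    """Map a LogEntry (logName = '<parent>/logs/<URL-encoded log ID>') to its audit fields."""
    log_id = unquote(entry.get("logName", "").partition("/logs/")[2])
    audit_type = AUDIT_TYPES.get(log_id)
    if audit_type is None:
        return None  # not an audit log (application log, syslog, ...)
    payload = entry.get("protoPayload") or {}
    return {
        "type": audit_type,
        "who": (payload.get("authenticationInfo") or {}).get("principalEmail", "unknown"),
        "what": payload.get("methodName"),
        "where": payload.get("resourceName"),
        "when": entry.get("timestamp"),
    }

def summarize_export(text):
    """Parse newline-delimited JSON log entries, skipping malformed lines."""
    rows = []
    for line in text.splitlines():
        try:
            row = summarize(json.loads(line))
        except (ValueError, AttributeError):
            continue  # truncated JSON or a line that is not a JSON object
        if row:
            rows.append(row)
    return rows

# Constructed sample export: every value below is made up for this example.
P = "projects/example-project/logs/"
SAMPLE = "\n".join(json.dumps(e) for e in [
    {"logName": P + "cloudaudit.googleapis.com%2Factivity", "timestamp": "2024-01-01T10:00:00Z",
     "protoPayload": {"authenticationInfo": {"principalEmail": "alice@example.com"}, "methodName": "SetIamPolicy", "resourceName": "projects/example-project"}},
    {"logName": P + "cloudaudit.googleapis.com%2Fdata_access", "timestamp": "2024-01-01T10:05:00Z",
     "protoPayload": {"authenticationInfo": {"principalEmail": "bob@example.com"}, "methodName": "storage.objects.get", "resourceName": "projects/_/buckets/example-bucket/objects/report.csv"}},
    {"logName": P + "cloudaudit.googleapis.com%2Fpolicy", "timestamp": "2024-01-01T10:06:00Z",
     "protoPayload": {"authenticationInfo": {"principalEmail": "carol@example.com"}, "methodName": "storage.buckets.list", "resourceName": "projects/example-project"}},
    {"logName": P + "syslog", "timestamp": "2024-01-01T10:07:00Z", "textPayload": "not an audit entry"},
]) + '\n{"logName": "truncated'
```

Because Data Access logs are not enabled by default, an export that never shows the `Data Access` type may mean those logs were not turned on rather than that no data was read.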
How to Use Cloud Identity and Access Management (IAM) For Access Control on GCP?
IAM defines “who can do what on which resource”. Cloud IAM (Identity and Access Management) offers a standardized set of functions and integrates access management for Google Cloud services into a single solution. You use it to create and manage permissions for Google Cloud resources, and it provides the tools to manage resource permissions efficiently and with a high degree of automation. You do not grant permissions to users directly; instead, you grant them roles, each of which combines one or more permissions. This lets you map job functions and groups within your organization to roles that match their responsibilities. Users have access only to the information they require to do their tasks, and administrators can easily give default permissions to large groups of users.