gcp_bigquery_client/model/audit_config.rs
1use crate::model::audit_log_config::AuditLogConfig;
2
3/// AuditConfig : Specifies the audit configuration for a service. The configuration determines which permission types
4/// are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more
5/// AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two
6/// AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the
7/// exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs:
8/// { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] }
9/// For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts
10/// jose@example.com from DATA_READ logging, and aliya@example.com from DATA_WRITE logging.
11
12#[derive(Debug, Default, Clone, Serialize, Deserialize)]
13#[serde(rename_all = "camelCase")]
14pub struct AuditConfig {
15 /// The configuration for logging of each type of permission.
16 #[serde(skip_serializing_if = "Option::is_none")]
17 pub audit_log_configs: Option<Vec<AuditLogConfig>>,
18 /// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
19 #[serde(skip_serializing_if = "Option::is_none")]
20 pub service: Option<String>,
21}