Struct google_cloudresourcemanager1::AuditConfig
[−]
[src]
pub struct AuditConfig { pub audit_log_configs: Option<Vec<AuditLogConfig>>, pub service: Option<String>, }
Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs.
If there are AuditConfigs for both allServices
and a specific service,
the union of the two AuditConfigs is used for that service: the log_types
specified in each AuditConfig are enabled, and the exempted_members in each
AuditConfig are exempted.
Example Policy with multiple AuditConfigs:
{ "audit_configs": [ { "service": "allServices" "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:foo@gmail.com" ] }, { "log_type": "DATA_WRITE", }, { "log_type": "ADMIN_READ", } ] }, { "service": "fooservice.googleapis.com" "audit_log_configs": [ { "log_type": "DATA_READ", }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:bar@gmail.com" ] } ] } ] }
For fooservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts foo@gmail.com from DATA_READ logging, and bar@gmail.com from DATA_WRITE logging.
This type is not used in any activity, and only used as part of another schema.
Fields
audit_log_configs: Option<Vec<AuditLogConfig>>
The configuration for logging of each type of permission. Next ID: 4
service: Option<String>
Specifies a service that will be enabled for audit logging.
For example, storage.googleapis.com
, cloudsql.googleapis.com
.
allServices
is a special value that covers all services.
Trait Implementations
impl Default for AuditConfig
[src]
fn default() -> AuditConfig
Returns the "default value" for a type. Read more
impl Clone for AuditConfig
[src]
fn clone(&self) -> AuditConfig
Returns a copy of the value. Read more
fn clone_from(&mut self, source: &Self)
1.0.0
Performs copy-assignment from source
. Read more