saurabh umathe
Reputation: 395
How can i get the logs of roles modifications on some specific IAM user in GCP
I need to know who modified(added or deleted) the roles for some specific IAM user in GCP. I could not get these details in GCP logging even after adding data write in audit logging for IAM permissions.
Are we missing something here?
Upvotes: 3
Views: 3953
Answers (1)
Gabriel Robledo Ahumada
Reputation: 1701
You need to query either your Cloud project, folder, billing account, or organization for audit logs.
Here you have an example of a query to a Cloud project and filtering just the logs where a particular user is involved:
gcloud logging read "logName : projects/$YOUR_PROJECT_ID/logs/cloudaudit.googleapis.com AND \
protoPayload.response.bindings.members:[email protected]" --project=$YOUR_PROJECT_ID
Take a look at the official documentation for more information.
Upvotes: 3
Related Questions
- How to list all the IAM roles that include a given permission in GCP
- How do I list the roles associated with a gcp service account?
- GCP logging: Find all resources (recently) used by a specific user
- How to log all permissions an application is using in Google Cloud's SDK
- GCP: how can i find in Cloud Logging permission / role changes for a specific user?
- How to get all roles/permissions that a service account have for a project and organization in GCP through API
- How to Identify the current roles/permissions used in GCP projects?
- How to list role changes in GCP stackdriver?
- How to audit and show which user made changes to a GKE node pool using Logs Explorer?
- Changing GCP IAM roles for multiple users