Viewing roles assigned for a trail
Written by
Updated at May 5, 2025
Note
CLI
API
If you do not have the Yandex Cloud CLI yet, install and initialize it.
The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.
-
See the description of the CLI command to view roles assigned for a trail:
yc audit-trails trail list-access-bindings --help -
Get a list of trails:
yc audit-trails trail listResult:
+----------------------+--------------+--------+-------------------+ | ID | NAME | STATUS | FILTERS | +----------------------+--------------+--------+-------------------+ | cnp82sb0phnm******** | trailfromapi | ACTIVE | storage compute | | | | | management.events | | cnp8v52idttr******** | tf-trail | ACTIVE | storage compute | | | | | mdb.postgresql | | cnpnkcubr529******** | test-2 | ACTIVE | compute | +----------------------+--------------+--------+-------------------+ -
View the roles assigned for a trail by specifying its name or ID:
yc audit-trails trail list-access-bindings <trail_name_or_ID>Result:
+---------------------+--------------+-----------------------+ | ROLE ID | SUBJECT TYPE | SUBJECT ID | +---------------------+--------------+-----------------------+ | audit-trails.viewer | system | allAuthenticatedUsers | +---------------------+--------------+-----------------------+
To view roles assigned for a trail, use the listAccessBindings REST API method for the Trail resource or the TrailService/ListAccessBindings gRPC API call.