Yandex Cloud
Search
Contact UsGet started
  • Blog
  • Pricing
  • Documentation
  • All Services
  • System Status
    • Featured
    • Infrastructure & Network
    • Data Platform
    • Containers
    • Developer tools
    • Serverless
    • Security
    • Monitoring & Resources
    • ML & AI
    • Business tools
  • All Solutions
    • By industry
    • By use case
    • Economics and Pricing
    • Security
    • Technical Support
    • Customer Stories
    • Gateway to Russia
    • Cloud for Startups
    • Education and Science
  • Blog
  • Pricing
  • Documentation
Yandex project
© 2025 Yandex.Cloud LLC
Yandex Identity and Access Management
  • Secure use of Yandex Cloud
  • Access management
  • Pricing policy
  • Role reference
  • Terraform reference
  • Monitoring metrics
  • Audit Trails events
  • Release notes

In this article:

  • Management event reference
  • Data event reference

Yandex Audit Trails event reference

Written by
Yandex Cloud
Updated at April 17, 2025
  • Management event reference
  • Data event reference

Audit Trails supports tracking of management (control plane) events and data (data plane) events for Yandex Identity and Access Management.

The general view of the event_type field value is as follows:

yandex.cloud.audit.iam.<event_name>

Management event referenceManagement event reference

Event name Description
AddFederatedUserAccounts Adding a user to a federation
CreateAccessKey Creating a static key
CreateApiKey Creating an API key
CreateCertificate Adding a certificate for a federation
CreateFederation Creating a federation
CreateIamCookieForSubject Federated user login *
CreateKey Creating a key pair for a service account
CreateServiceAccount Creating a service account
DeleteAccessKey Deleting a static key
DeleteApiKey Deleting API keys
DeleteCertificate Deleting a certificate for a federation
DeleteFederation Deleting a federation
DeleteKey Deleting a key pair for a service account
DeleteServiceAccount Deleting a service account
DetectLeakedCredential Detecting a secret in a public source
DisableService Revoking service access to resources of other cloud services
EnableService Granting service access to resources of other cloud services
RevokeLeakedCredential Revoking a compromised secret
SetServiceAccountAccessBindings Assigning access permissions for a service account
UpdateAccessKey Updating a static key
UpdateApiKey Updating an API key
UpdateCertificate Renewing a certificate
UpdateFederation Updating a federation
UpdateKey Updating a key pair
UpdateServiceAccount Updating a service account
UpdateServiceAccountAccessBindings Updating access permissions for a service account
workload.CreateFederatedCredential Creating a link in a service account federation
workload.DeleteFederatedCredential Deleting a link from a service account federation
workload.oidc.CreateFederation Creating a workload identity federation
workload.oidc.DeleteFederation Deleting a workload identity federation
workload.oidc.SetFederationAccessBindings Assigning access permissions to a workload identity federation
workload.oidc.UpdateFederation Updating a workload identity federation
workload.oidc.UpdateFederationAccessBindings Modifying access permissions of a workload identity federation

* The event will not end up in the audit log unless the audit log collection scope for the trail is Organization.

Data event referenceData event reference

Event name Description
CreateIamToken Creating an IAM token
RevokeIamToken Revoking an IAM token
oslogin.CheckSshPolicy Checking permissions to connect via SSH with OS Login access
oslogin.GenerateSshCertificate Generating an SSH certificate for OS Login access

Was the article helpful?

Previous
Monitoring metrics
Next
Release notes
Yandex project
© 2025 Yandex.Cloud LLC