Yandex Audit Trails event reference
Written by
Updated at October 7, 2024
Audit Trails supports tracking of management (control plane) events and data (data plane) events for Yandex Identity and Access Management.
The general view of the event_type
field value is as follows:
yandex.cloud.audit.iam.<event_name>
Management event reference
Event name | Description |
---|---|
AddFederatedUserAccounts |
Adding a user to a federation |
CreateAccessKey |
Creating a static key |
CreateApiKey |
Creating API keys |
CreateCertificate |
Adding a certificate for a federation |
CreateFederation |
Creating a federation |
CreateIamCookieForSubject |
Federated user login * |
CreateKey |
Creating a key pair for a service account |
CreateServiceAccount |
Creating a service account |
DeleteAccessKey |
Deleting a static key |
DeleteApiKey |
Deleting API keys |
DeleteCertificate |
Deleting a certificate for a federation |
DeleteFederation |
Deleting a federation |
DeleteKey |
Deleting a key pair for a service account |
DeleteServiceAccount |
Deleting a service account |
DetectLeakedCredential |
Detecting a secret in a public source |
SetServiceAccountAccessBindings |
Assigning access permissions for a service account |
UpdateAccessKey |
Updating a static key |
UpdateApiKey |
Updating an API key |
UpdateCertificate |
Renewing a certificate |
UpdateFederation |
Updating a federation |
UpdateKey |
Updating a key pair |
UpdateServiceAccount |
Updating a service account |
UpdateServiceAccountAccessBindings |
Updating access permissions for a service account |
* The event is not logged in the audit log unless the audit log collection scope for the trail is Organization
.
Data event reference
Event name | Description |
---|---|
CreateIamToken |
Creating an IAM token |
oslogin.CheckSshPolicy |
Checking permissions to connect via SSH with OS Login access |
oslogin.GenerateSshCertificate |
Generating an SSH certificate for OS Login access |