Cloud Bigtable API audit logging
This document describes audit logging for Cloud Bigtable API. Google Cloud services write audit logs that record administrative activities and accesses within your Google Cloud resources. For more information, see Cloud Audit Logs overview.
This page was last generated on 2024-05-21 17:14:03 UTC.
Notes
When a log entry exceeds the size limit, Cloud Logging splits that entry and distributes the data across several entries. To learn how to identify and reassemble split audit logs, see Split audit log entries.
Service name
Cloud Bigtable API audit logs use the service name bigtable.googleapis.com
.
Methods by permission type
For details about which fields are logged for Data Access audit logging, see Audit log fields. Before you enable Data Access audit logging, read Managing Costs.
Methods that check DATA_READ
, DATA_WRITE
, and ADMIN_READ
permission types are Data Access audit logs.
Methods that check ADMIN_WRITE
permission types are Admin Activity audit logs.
Permission type | Methods |
---|---|
DATA_READ | google.bigtable.v2.Bigtable.GenerateInitialChangeStreamPartitions google.bigtable.v2.Bigtable.ReadChangeStream google.bigtable.v2.Bigtable.ReadModifyWriteRow google.bigtable.v2.Bigtable.ReadRows google.bigtable.v2.Bigtable.SampleRowKeys |
DATA_WRITE | google.bigtable.v2.Bigtable.CheckAndMutateRow google.bigtable.v2.Bigtable.MutateRow google.bigtable.v2.Bigtable.MutateRows google.bigtable.v2.Bigtable.ReadModifyWriteRow |
Audit logs per API interface
For information about which permissions are evaluated and how for each method, see the Identity and Access Management documentation for Cloud Bigtable API.
google.bigtable.v2.Bigtable
Details about audit logs associated with methods belonging to google.bigtable.v2.Bigtable
.
google.bigtable.v2.Bigtable.CheckAndMutateRow
- Method: google.bigtable.v2.Bigtable.CheckAndMutateRow
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.mutateRows - DATA_WRITE
bigtable.tables.mutateRows - DATA_WRITE
- Method is a Long Running Operation or Streaming: No.
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.CheckAndMutateRow"
google.bigtable.v2.Bigtable.GenerateInitialChangeStreamPartitions
- Method: google.bigtable.v2.Bigtable.GenerateInitialChangeStreamPartitions
- Audit log Type: Data Access
- Permissions:
bigtable.tables.readRows - DATA_READ
- Method is a Long Running Operation or Streaming:
Streaming RPC
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.GenerateInitialChangeStreamPartitions"
google.bigtable.v2.Bigtable.MutateRow
- Method: google.bigtable.v2.Bigtable.MutateRow
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.mutateRows - DATA_WRITE
bigtable.tables.mutateRows - DATA_WRITE
- Method is a Long Running Operation or Streaming: No.
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.MutateRow"
google.bigtable.v2.Bigtable.MutateRows
- Method: google.bigtable.v2.Bigtable.MutateRows
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.mutateRows - DATA_WRITE
bigtable.tables.mutateRows - DATA_WRITE
- Method is a Long Running Operation or Streaming:
Streaming RPC
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.MutateRows"
google.bigtable.v2.Bigtable.ReadChangeStream
- Method: google.bigtable.v2.Bigtable.ReadChangeStream
- Audit log Type: Data Access
- Permissions:
bigtable.tables.readRows - DATA_READ
- Method is a Long Running Operation or Streaming:
Streaming RPC
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.ReadChangeStream"
google.bigtable.v2.Bigtable.ReadModifyWriteRow
- Method: google.bigtable.v2.Bigtable.ReadModifyWriteRow
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.mutateRows - DATA_WRITE
bigtable.authorizedViews.readRows - DATA_READ
bigtable.tables.mutateRows - DATA_WRITE
bigtable.tables.readRows - DATA_READ
- Method is a Long Running Operation or Streaming: No.
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.ReadModifyWriteRow"
google.bigtable.v2.Bigtable.ReadRows
- Method: google.bigtable.v2.Bigtable.ReadRows
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.readRows - DATA_READ
bigtable.tables.readRows - DATA_READ
- Method is a Long Running Operation or Streaming:
Streaming RPC
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.ReadRows"
google.bigtable.v2.Bigtable.SampleRowKeys
- Method: google.bigtable.v2.Bigtable.SampleRowKeys
- Audit log Type: Data Access
- Permissions:
bigtable.authorizedViews.sampleRowKeys - DATA_READ
bigtable.tables.sampleRowKeys - DATA_READ
- Method is a Long Running Operation or Streaming:
Streaming RPC
- Filter for this method:
protoPayload.methodName="google.bigtable.v2.Bigtable.SampleRowKeys"