Overview

Control Plane exposes a tamper-proof audit trail service for both Control Plane and custom workload actions.

To use this feature, a unique Audit Context needs to be created for your workload.

The audit context named cpln already exists to audit the actions that occur while using Control Plane.

Please refer to the audit trail reference page for additional details on how to query the audit trail and how to securely capture actions for your workloads.

Create an Audit Context

Refer to the Create an Audit Context guide for additional details.

Permissions

The permissions below are used to define policies together with one or more of the four principal types:

PermissionDescriptionImplies
createCreate new contexts
editModify existing contextsview
manageFull accesscreate, edit, manage, readAudit, view, writeAudit
readAuditRead from this contextview
viewRead-only view
writeAuditWrite to this contextview

Access Report

Displays the permissions granted to principals for the audit context.

Writing audit records from a workload

  1. Make sure the workload is assigned an identity that is granted writeAudit permissions to your custom audit context.

  2. Write events using the internal audit endpoint

    #minimal example
curl -H "Content-Type: application/json" -X POST http://127.0.0.1:43000/audit/org/${CPLN_ORG}/auditctx/custom-audit-context?async=true -d '{"resource": {"id": "anyid123", "type": "anytype"}}'

CLI

To view the CLI documentation for Audit Contexts, click here.

AgentsAudit Trail