Audit Context
Overview
Control Plane exposes a tamper-proof audit trail service for both Control Plane and custom workload actions.
To use this feature, a unique Audit Context needs to be created for your workload.
The audit context named cpln already exists to audit the actions that occur while using Control Plane.
Please refer to the audit trail reference page for additional details on how to query the audit trail and how to securely capture actions for your workloads.
Create an Audit Context
Refer to the Create an Audit Context guide for additional details.
Permissions
The permissions below are used to define policies together with one or more of the four principal types:
| Permission | Description | Implies |
|---|---|---|
| create | Create new contexts | |
| edit | Modify existing contexts | view |
| manage | Full access | create, edit, manage, readAudit, view, writeAudit |
| readAudit | Read from this context | view |
| view | Read-only view | |
| writeAudit | Write to this context | view |
Access Report
Displays the permissions granted to principals for the audit context.
CLI
To view the CLI documentation for Audit Contexts, click here
Writing audit records from a workload
Make sure the workload is assigned an identity that is granted writeAudit permissions to your custom audit context.
Write events using the internal audit endpoint
copy#minimal examplecurl -H "Content-Type: application/json" -X POST http://127.0.0.1:43000/audit/org/${CPLN_ORG}/auditctx/custom-audit-context?async=true -d '{"resource": {"id": "anyid123", "type": "anytype"}}'