Overview
Control Plane provides a tamper-proof audit trail service for both Control Plane and custom workload actions. To use this feature, create a unique audit context for your workload. Thecpln audit context is pre-provisioned and captures all native Control Plane platform activity.
See the audit trail reference page for details on how to query the audit trail and securely capture actions for your workloads.
Create an Audit Context
See the Create an Audit Context guide for setup instructions.Permissions
The following permissions can be assigned through policies to supported principal types:| Permission | Description | Implies |
|---|---|---|
| create | Create new contexts | |
| edit | Modify existing contexts | view |
| manage | Full access | create, edit, manage, readAudit, view, writeAudit |
| readAudit | Read from this context | view |
| view | Read-only view | |
| writeAudit | Write to this context | view |
Access Report
Displays the permissions granted to principals for the audit context.Writing Audit Records from a Workload
-
Make sure the workload is assigned an identity that is granted
writeAuditpermission on the target audit context. -
Write events using the internal audit endpoint: