Reference documentation and code samples for the Google API Common Protos V1 Client class AuditConfig.
Specifies the audit configuration for a service.
The configuration determines which permission types are logged, and what
identities, if any, are exempted from logging.
An AuditConfig must have one or more AuditLogConfigs.
If there are AuditConfigs for bothallServicesand a specific service,
the union of the two AuditConfigs is used for that service: the log_types
specified in each AuditConfig are enabled, and the exempted_members in each
AuditLogConfig are exempted.
Example Policy with multiple AuditConfigs:
{
"audit_configs": [
{
"service": "allServices",
"audit_log_configs": [
{
"log_type": "DATA_READ",
"exempted_members": [
"user:jose@example.com"
]
},
{
"log_type": "DATA_WRITE"
},
{
"log_type": "ADMIN_READ"
}
]
},
{
"service": "sampleservice.googleapis.com",
"audit_log_configs": [
{
"log_type": "DATA_READ"
},
{
"log_type": "DATA_WRITE",
"exempted_members": [
"user:aliya@example.com"
]
}
]
}
]
}
For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ
logging. It also exemptsjose@example.comfrom DATA_READ logging, andaliya@example.comfrom DATA_WRITE logging.
Generated from protobuf messagegoogle.iam.v1.AuditConfig
Namespace
Google \ Cloud \ Iam \ V1
Methods
__construct
Constructor.
Parameters
Name
Description
data
array
Optional. Data for populating the Message object.
↳ service
string
Specifies a service that will be enabled for audit logging. For example,storage.googleapis.com,cloudsql.googleapis.com.allServicesis a special value that covers all services.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Google API Common Protos V1 Client - Class AuditConfig (4.12.3)\n\nVersion latestkeyboard_arrow_down\n\n- [4.12.3 (latest)](/php/docs/reference/common-protos/latest/Cloud.Iam.V1.AuditConfig)\n- [4.12.2](/php/docs/reference/common-protos/4.12.2/Cloud.Iam.V1.AuditConfig)\n- [4.11.0](/php/docs/reference/common-protos/4.11.0/Cloud.Iam.V1.AuditConfig)\n- [4.10.0](/php/docs/reference/common-protos/4.10.0/Cloud.Iam.V1.AuditConfig)\n- [4.9.0](/php/docs/reference/common-protos/4.9.0/Cloud.Iam.V1.AuditConfig)\n- [4.8.3](/php/docs/reference/common-protos/4.8.3/Cloud.Iam.V1.AuditConfig) \nReference documentation and code samples for the Google API Common Protos V1 Client class AuditConfig.\n\nSpecifies the audit configuration for a service.\n\nThe configuration determines which permission types are logged, and what\nidentities, if any, are exempted from logging.\nAn AuditConfig must have one or more AuditLogConfigs.\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecified in each AuditConfig are enabled, and the exempted_members in each\nAuditLogConfig are exempted.\nExample Policy with multiple AuditConfigs:\n{\n\"audit_configs\": \\[\n{\n\"service\": \"allServices\",\n\"audit_log_configs\": \\[\n{\n\"log_type\": \"DATA_READ\",\n\"exempted_members\": \\[\n\"user:jose@example.com\"\n\\]\n},\n{\n\"log_type\": \"DATA_WRITE\"\n},\n{\n\"log_type\": \"ADMIN_READ\"\n}\n\\]\n},\n{\n\"service\": \"sampleservice.googleapis.com\",\n\"audit_log_configs\": \\[\n{\n\"log_type\": \"DATA_READ\"\n},\n{\n\"log_type\": \"DATA_WRITE\",\n\"exempted_members\": \\[\n\"user:aliya@example.com\"\n\\]\n}\n\\]\n}\n\\]\n}\nFor sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts `jose@example.com` from DATA_READ logging, and\n`aliya@example.com` from DATA_WRITE logging.\n\nGenerated from protobuf message `google.iam.v1.AuditConfig`\n\nNamespace\n---------\n\nGoogle \\\\ Cloud \\\\ Iam \\\\ V1\n\nMethods\n-------\n\n### __construct\n\nConstructor.\n\n### getService\n\nSpecifies a service that will be enabled for audit logging.\n\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com`.\n`allServices` is a special value that covers all services.\n\n### setService\n\nSpecifies a service that will be enabled for audit logging.\n\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com`.\n`allServices` is a special value that covers all services.\n\n### getAuditLogConfigs\n\nThe configuration for logging of each type of permission.\n\n### setAuditLogConfigs\n\nThe configuration for logging of each type of permission."]]
