IP Filter Authorization Auditable Event Methods on Confluent Cloud
This page lists the auditable event methods for operations on IP filters
that generate auditable event messages for the io.confluent.cloud/authorization
event type. When an auditable event occurs, the auditable event method is triggered,
and a message is sent to the audit log and stored as an audit log record.
For details about the IP Filtering feature and the use of IP filters and IP groups, see IP Filtering on Confluent Cloud.
Method name | Action triggering an auditable event message |
---|---|
ip-filter.Authorize | An IP filter denies access to Confluent Cloud resources in an organization. |
Examples
ip-filter.Authorize
The ip-filter.Authorize event method is triggered when a request to access
Confluent Cloud resources in an organization is denied because it comes from
an IP address that is not covered by the CIDR block of any IP group included
in an IP filter.
{
  "datacontenttype": "application/json",
  "data": {
    "serviceName": "crn://confluent.cloud/",
    "methodName": "ip-filter.Authorize",
    "cloudResources": [
      {
        "resource": {
          "type": "ORGANIZATION",
          "resourceId": "26bdbe6b-0c1b-4d25-a6e6-7bcc4d0932e3"
        }
      }
    ],
    "authenticationInfo": {
      "principal": {
        "confluentUser": {
          "resourceId": "u-123456"
        }
      },
      "result": "SUCCESS",
      "identity": "crn://confluent.cloud/organization=26fcbe6c-0c1b-4d65-a7e5-6acb4d082313/identity-provider=Confluent/identity=u-123456"
    },
    "authorizationInfo": {
      "result": "DENY",
      "ipfilterAuthorization": {
        "clientIp": "1.2.3.4",
        "resourceGroup": "MANAGEMENT"
      }
    },
    "requestMetadata": {
      "requestId": [
        "b0c6a8d763140e9e23789d2dce4b6ac5"
      ],
      "clientAddress": [
        {
          "ip": "1.2.3.4"
        }
      ]
    },
    "resourceName": "crn://confluent.cloud/organization=26fcbe6c-0c1b-4d65-a7e5-6acb4d082313"
  },
  "subject": "crn://confluent.cloud/organization=26fcbe6c-0c1b-4d65-a7e5-6acb4d082313",
  "specversion": "1.0",
  "id": "0e0376b2-9100-43d8-a387-bd53e8bebdb3",
  "source": "crn://confluent.cloud/",
  "time": "2023-12-01T18:14:20.929608274Z",
  "type": "io.confluent.cloud/authorization"
}
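One way to triage these records, as an added example that is not Confluent's code: the Python below reads audit log lines, keeps only ip-filter.Authorize denials, and counts them per principal and client IP when authentication succeeded, meaning valid credentials were presented from an address outside every allowed CIDR block. The helper names and the sample records are constructed for this illustration.

```python
import json
from collections import Counter

def make_record(method, principal_id, client_ip, authn="SUCCESS", authz="DENY"):
    """Constructed audit record holding only the fields read below."""
    return json.dumps({"type": "io.confluent.cloud/authorization", "data": {
        "methodName": method,
        "authenticationInfo": {"result": authn, "principal": {
            "confluentUser": {"resourceId": principal_id}}},
        "authorizationInfo": {"result": authz, "ipfilterAuthorization": {
            "clientIp": client_ip, "resourceGroup": "MANAGEMENT"}}}})

def parse_denial(line):
    """Return (principal, ip, group, authenticated) for an ip-filter DENY, else None."""
    try:
        event = json.loads(line)
        data = event.get("data") or {}
    except (json.JSONDecodeError, AttributeError):
        return None  # not JSON, or JSON that is not an object
    authz = data.get("authorizationInfo") or {}
    if (event.get("type") != "io.confluent.cloud/authorization"
            or data.get("methodName") != "ip-filter.Authorize"
            or authz.get("result") != "DENY"):
        return None
    authn = data.get("authenticationInfo") or {}
    # The page shows a confluentUser principal; take the resourceId of whichever
    # principal kind is present (assumption: one kind per record).
    kinds = (authn.get("principal") or {}).values()
    principal = next((k.get("resourceId") for k in kinds if isinstance(k, dict)), None)
    ipf = authz.get("ipfilterAuthorization") or {}
    return (principal, ipf.get("clientIp"), ipf.get("resourceGroup"),
            authn.get("result") == "SUCCESS")

def summarize(lines):
    """Count denials per (principal, client IP) where authentication succeeded."""
    hits = Counter()
    for line in lines:
        denial = parse_denial(line)
        if denial and denial[3]:
            hits[(denial[0], denial[1])] += 1
    return hits

SAMPLE = [  # constructed input; "example.OtherMethod" is a made-up method name
    make_record("ip-filter.Authorize", "u-123456", "1.2.3.4"),
    make_record("ip-filter.Authorize", "u-123456", "1.2.3.4"),
    make_record("ip-filter.Authorize", "u-654321", "198.51.100.7"),
    make_record("example.OtherMethod", "u-123456", "1.2.3.4"),
    "not json",
]
```

Calling `summarize(SAMPLE).most_common()` lists the principal and address pairs with the most denials first, which is a reasonable starting point for an alert threshold.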