Networking Auditable Event Methods on Confluent Cloud¶
Auditable event methods for networking include the actions, or operations, on Confluent Cloud networking solutions that generate auditable event messages.
Go directly to the following sections:
- Network
- Peering connection
- Private link access
- Private link attachment
- Private link attachment connection
- Transit gateway attachment
- DNS forwarder
Network¶
The following actions, or operations, on a Confluent Cloud network generate auditable event messages. For more information about Confluent Cloud networks, see Manage Networking on Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| CreateNetwork | A request to create a Confluent Cloud network. |
| DeleteNetwork | A request to remove a Confluent Cloud network. |
| GetNetwork | A request to get the details of a Confluent Cloud network. |
| GetNetworks | A request to get a list of the Confluent Cloud networks. |
| UpdateNetwork | A request to update the details of a Confluent Cloud network. |
CreateNetwork¶
The CreateNetwork event is generated by a request to create a Confluent Cloud network.
Examples¶
SUCCESS
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"CreateNetwork",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type":"ENVIRONMENT",
"resourceId":"env-223r92"
}
]
},
"resource":{
"type":"NETWORK",
"resourceId":"n-gok0y6"
}
}
],
"authenticationInfo":{
"exposure":"CUSTOMER",
"principal":{
"email":"someone@example.com",
"confluentUser":{
"resourceId":"u-doopwd"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"83797a6d2b0a8d3af0006c6f2b7f878b"
],
"clientAddress":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"accessType":"MODIFICATION",
"data":{
"spec":{
"connection_types":[
"PRIVATELINK"
],
"display_name":"display-name",
"environment":{
"id":"env-223r92"
},
"region":"centralus",
"zones":[
],
"cloud":"AZURE"
}
}
},
"result":{
"status":"SUCCESS",
"data":{
"status":{
"phase":"PROVISIONING",
"supported_connection_types":[
"PRIVATE_LINK"
],
"zonal_subdomains":{
},
"cloud":{
"vnet":"",
"kind":"networking.v1.AzureNetwork",
"private_link_service_aliases":{
},
"subscription":"731fd59e-3b05-4357-919a-5b3410abc153"
},
"dns_domain":""
},
"api_version":"networking/v1",
"id":"n-gok0y6",
"kind":"Network",
"metadata":{
"created_at":"2022-04-21T17:23:46.898902Z",
"resource_name":"crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-gok0y6",
"self":"https://api.confluent.cloud/networking/v1/networks/n-gok0y6?environment=env-223r92",
"updated_at":"2022-04-21T17:23:46.898902Z"
},
"spec":{
"region":"centralus",
"zones":[
"1",
"2",
"3"
],
"cidr":"10.1.0.0/16",
"cloud":"AZURE",
"connection_types":[
"PRIVATELINK"
],
"display_name":"display-name",
"environment":{
"resource_name":"crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92",
"api_version":"org/v2",
"id":"env-223r92",
"kind":"Environment",
"related":"https://api.confluent.cloud/v2/environments/env-223r92"
}
}
}
}
},
"subject":"crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-gok0y6",
"specversion":"1.0",
"id":"23ae10b0-bc8c-4c85-8703-6a7b309cd8f8",
"source":"crn://confluent.cloud/",
"time":"2022-04-21T17:23:46.903Z",
"type":"io.confluent.cloud/request"
}
FAILURE – An internal error occurred during network creation.
{
"specversion":"1.0",
"id":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source":"crn://confluent.cloud/",
"type":"io.confluent.cloud/request",
"subject":"crn://confluent.cloud/organization=customer2/environment=env-1",
"datacontenttype":"application/json",
"data":{
"service_name":"crn://confluent.cloud/",
"method_name":"CreateNetwork",
"cloud_resources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resource_id":"customer2"
}
]
},
"resource":{
"type":"ENVIRONMENT",
"resource_id":"env-1"
}
}
],
"authentication_info":{
"exposure":"CUSTOMER",
"principal":{
"confluentUser":{
"resource_id":"u-2"
}
},
"result":"SUCCESS"
},
"request_metadata":{
"request_id":[
"01020304050607080102040810204080"
],
"client_address":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"access_type":"MODIFICATION",
"data":{
"spec":{
"cidr":"10.1.0.0/16",
"cloud":"AWS",
"connection_types":[
"TRANSITGATEWAY"
],
"display_name":"display-name",
"environment":{
"id":"env-1"
},
"region":"us-west-2",
"zones":[
"usw2-az1",
"usw2-az2",
"usw2-az3"
]
}
}
},
"result":{
"status":"FAILURE",
"data":{
"errors":[
{
"id":"01020304050607080102040810204080",
"status":"500"
}
]
}
}
}
}
DeleteNetwork¶
The DeleteNetwork event is generated by a request to remove a Confluent Cloud network.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "DeleteNetwork",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
}
]
},
"resource": {
"type": "NETWORK",
"resourceId": "n-gjeznp"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"7c46d1ecabe44da0d92c980687466156"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"id": "n-gjeznp",
"environment": "env-223r92"
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-gjeznp",
"specversion": "1.0",
"id": "78dc845a-a6f9-4df5-8615-4be54b77faf9",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T17:27:15.556Z",
"type": "io.confluent.cloud/request"
}
FAILURE - "Network deletion not allowed due to existing dependencies."
{
"datacontenttype": "application/json",
"id": "fc0f727d-899a-4a22-ad8b-a866871a9d37",
"time": "2021-01-01T12:34:56.789Z",
"type":"io.confluent.cloud/request",
"source": "crn://confluent.cloud/kafka=lkc-a1b2c",
"subject": "crn://confluent.cloud/kafka=lkc-a2b2c",
"specversion": "1.0"
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "DeleteNetwork",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "c54edd1d-30f2-4914-a93d-bdb4798ae750"
},
{
"type": "ENVIRONMENT",
"resourceId": "a-20142"
}
]
},
"resource": {
"type": "NETWORK",
"resourceId": "n-ogz57g"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-e80104"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"ea6ec637be9facc78ad0d1639441d3ce"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"id": "n-ogz57g",
"environment": "a-20142"
}
},
"result": {
"status": "FAILURE",
"data": {
"errors": [
{
"id": "ea6ec637be9facc78ad0d1639441d3ce",
"status": "409",
"detail": "Network deletion not allowed due to existing dependencies.",
"source": {}
}
]
}
}
}
}
GetNetwork¶
The GetNetwork event is generated by a request to get the details of a Confluent Cloud network.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetNetwork",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
}
]
},
"resource": {
"type": "NETWORK",
"resourceId": "n-gz8wyg"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"3e736d0a3e5e085e7ef99ddad5c13a10"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"id": "n-gz8wyg",
"environment": "env-223r92"
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "n-gz8wyg",
"kind": "Network",
"metadata": {
"created_at": "2022-04-21T05:32:02.223204Z",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-gz8wyg",
"self": "https://api.confluent.cloud/networking/v1/networks/n-gz8wyg?environment=env-223r92",
"updated_at": "2022-04-21T05:32:02.766852Z"
},
"spec": {
"zones": [
"1",
"2",
"3"
],
"cidr": "10.1.0.0/16",
"cloud": "AZURE",
"connection_types": [
"PRIVATELINK"
],
"display_name": "network_azure_PRIVATELINK",
"environment": {
"api_version": "org/v2",
"id": "env-223r92",
"kind": "Environment",
"related": "https://api.confluent.cloud/v2/environments/env-223r92",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92"
},
"region": "centralus"
},
"status": {
"cloud": {
"kind": "networking.v1.AzureNetwork",
"private_link_service_aliases": {},
"subscription": "731fd59e-3b05-4357-919a-5b3410abc153",
"vnet": ""
},
"dns_domain": "",
"phase": "PROVISIONING",
"supported_connection_types": [
"PRIVATE_LINK"
],
"zonal_subdomains": {}
}
}
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-gz8wyg",
"specversion": "1.0",
"id": "fcb10b4c-765f-4f2a-a336-31fd54ece03b",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T05:39:07.840Z",
"type": "io.confluent.cloud/request"
}
GetNetworks¶
The GetNetworks event is generated by a request to get a list of the Confluent Cloud networks
in the organization.
Examples¶
SUCCESS
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"GetNetworks",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"424c3c58-93de-414f-bb87-a6131f477f66"
}
]
},
"resource":{
"type":"ENVIRONMENT",
"resourceId":"env-223r92"
}
}
],
"authenticationInfo":{
"exposure":"CUSTOMER",
"principal":{
"email":"someone@example.com",
"confluentUser":{
"resourceId":"u-doopwd"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"66b5882906e46079070e77160006a2db"
],
"clientAddress":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"accessType":"READ_ONLY",
"data":{
"environment":"env-223r92",
"deactivated":{
},
"page":{
"size":1000
}
}
},
"result":{
"status":"SUCCESS"
}
},
"subject":"crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92",
"specversion":"1.0",
"id":"4eb99b3d-d91d-41f8-902f-3848b30fe2c7",
"source":"crn://confluent.cloud/",
"time":"2022-04-21T17:47:25.014Z",
"type":"io.confluent.cloud/request"
}
UpdateNetwork¶
The UpdateNetwork event is generated by a request to update the details of a Confluent Cloud network.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UpdateNetwork",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "3de5f6ab-96b9-431d-a3a1-5719db30f247"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-gkpqyr"
}
]
},
"resource": {
"type": "NETWORK",
"resourceId": "n-69mxmg"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-yggjp7"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"a14e20a571ae898d8a3129886389d93f"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"spec": {
"display_name": "seattle-network"
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"spec": {
"cidr": "10.1.0.0/16",
"cloud": "AWS",
"connection_types": [
"PRIVATELINK"
],
"display_name": "seattle-network",
"environment": {
"api_version": "org/v2",
"id": "env-gkpqyr",
"kind": "Environment",
"related": "https://api.confluent.cloud/v2/environments/env-gkpqyr",
"resource_name": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-gkpqyr"
},
"region": "us-east-2",
"zones": [
"use2-az1",
"use2-az2",
"use2-az3"
]
},
"status": {
"dns_domain": "69mxmg.us-east-2.aws.confluent.cloud",
"phase": "READY",
"supported_connection_types": [
"PRIVATE_LINK"
],
"zonal_subdomains": {
"use2-az1": "use2-az1.69mxmg.us-east-2.aws.confluent.cloud",
"use2-az2": "use2-az2.69mxmg.us-east-2.aws.confluent.cloud",
"use2-az3": "use2-az3.69mxmg.us-east-2.aws.confluent.cloud"
},
"cloud": {
"account": "123456789",
"kind": "networking.v1.AwsNetwork",
"private_link_endpoint_service": "com.amazonaws.vpce.us-east-2.vpce-svc-0c9fb7e9893e3badc",
"vpc": "vpc-0867b103058e24193"
}
},
"api_version": "networking/v1",
"id": "n-69mxmg",
"kind": "Network",
"metadata": {
"created_at": "2022-04-18T19:31:30.13997Z",
"resource_name": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-gkpqyr/network=n-69mxmg",
"self": "https://api.confluent.cloud/networking/v1/networks/n-69mxmg?environment=env-gkpqyr",
"updated_at": "2022-04-21T00:36:55.996833Z"
}
}
}
},
"subject": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-gkpqyr/network=n-69mxmg",
"specversion": "1.0",
"id": "a06d04a1-6f18-45cc-b0ab-9d7fd54a5182",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T00:36:56.004Z",
"type": "io.confluent.cloud/request"
}
Peering connection¶
The following actions, or operations, on a VPC/VNet peering connection generate auditable event messages. For details about peering connections in Confluent Cloud, see Use VPC Peering Connections with Confluent Cloud on AWS.
| Method name | Action triggering an audit log event message |
|---|---|
| CreatePeering | A request to create a peering connection. |
| DeletePeering | A request to remove a peering connection. |
| GetPeering | A request to get the details of a peering connection. |
| GetPeerings | A request to get a list of the peering connections. |
| UpdatePeering | A request to update the details of a peering connection. |
CreatePeering¶
The CreatePeering event is generated by a request to create a VPC or VNet peering connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization=customer2/environment=env-1/network=n-1/peering=peer-1",
"datacontenttype": "application/json",
"data": {
"service_name": "crn://confluent.cloud/",
"method_name": "CreatePeering",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "customer2"
},
{
"type": "ENVIRONMENT",
"resource_id": "env-1"
},
{
"type": "NETWORK",
"resource_id": "n-1"
}
]
},
"resource": {
"type": "PEERING",
"resource_id": "peer-1"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"confluentUser": {
"resource_id": "u-2"
}
},
"result": "SUCCESS"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"spec": {
"cloud": {
"account": "123456789",
"customer_region": "us-east-1",
"routes": [
"10.1.1.0/27",
"10.1.2.0/27"
],
"vpc": "vpc-12345"
},
"display_name": "seattle-network",
"environment": {
"id": "env-1"
},
"network": {
"id": "n-1"
}
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "peer-1",
"kind": "Peering",
"metadata": {
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1/peering=peer-1",
"self": "https://api.foo.bar.com/networking/v1/peerings/peer-1?environment=env-1"
},
"spec": {
"cloud": {
"account": "123456789",
"customer_region": "us-east-1",
"kind": "networking.v1.AwsPeering",
"routes": [
"10.1.1.0/27",
"10.1.2.0/27"
],
"vpc": "vpc-12345"
},
"display_name": "seatte-network",
"environment": {
"api_version": "org/v2",
"id": "env-1",
"kind": "Environment",
"related": "https://api.foo.bar.com/v2/environments/env-1",
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1"
},
"network": {
"api_version": "networking/v1",
"id": "n-1",
"kind": "Network",
"related": "https://api.foo.bar.com/networking/v1/networks/n-1?environment=env-1",
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1"
}
},
"status": {
"phase": "UNKNOWN"
}
}
}
}
}
DeletePeering¶
The DeletePeering event is generated by a request to remove a VPC or VNet peering connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization=customer2/environment=env-1/peering=peer-1",
"datacontenttype": "application/json",
"data": {
"service_name": "crn://confluent.cloud/",
"method_name": "DeletePeering",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "customer2"
},
{
"type": "ENVIRONMENT",
"resource_id": "env-1"
}
]
},
"resource": {
"type": "PEERING",
"resource_id": "peer-1"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"confluentUser": {
"resource_id": "u-2"
}
},
"result": "SUCCESS"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"environment": "env-1",
"id": "peer-1"
}
},
"result": {
"status": "SUCCESS"
}
}
}
GetPeering¶
The GetPeering event is generated by a request to get the details of a
VPC or VNet peering connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization=customer2/environment=env-1/network=n-1/peering=peer-1",
"datacontenttype": "application/json",
"data": {
"service_name": "crn://confluent.cloud/",
"method_name": "GetPeering",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "customer2"
},
{
"type": "ENVIRONMENT",
"resource_id": "env-1"
},
{
"type": "NETWORK",
"resource_id": "n-1"
}
]
},
"resource": {
"type": "PEERING",
"resource_id": "peer-1"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"confluentUser": {
"resource_id": "u-2"
}
},
"result": "SUCCESS"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"access_type": "READ_ONLY",
"data": {
"environment": "env-1",
"id": "peer-1"
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "peer-1",
"kind": "Peering",
"metadata": {
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1/peering=peer-1",
"self": "https://api.foo.bar.com/networking/v1/peerings/peer-1?environment=env-1"
},
"spec": {
"cloud": {
"account": "123456789",
"customer_region": "us-east-1",
"kind": "networking.v1.AwsPeering",
"routes": [
"10.1.1.0/27",
"10.1.2.0/27"
],
"vpc": "vpc-12345"
},
"display_name": "display-name",
"environment": {
"api_version": "org/v2",
"id": "env-1",
"kind": "Environment",
"related": "https://api.foo.bar.com/v2/environments/env-1",
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1"
},
"network": {
"api_version": "networking/v1",
"id": "n-1",
"kind": "Network",
"related": "https://api.foo.bar.com/networking/v1/networks/n-1?environment=env-1",
"resource_name": "crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1"
}
},
"status": {
"phase": "UNKNOWN"
}
}
}
}
}
GetPeerings¶
The GetPeerings event is generated by a request to get a list of the peering
connections in the organization.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetPeerings",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"cd538a073b8a3aec372d08a3b274fe54"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"environment": "env-223r92",
"page": {
"size": 1000
}
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92",
"specversion": "1.0",
"id": "51e75ace-ecae-47fe-9b20-cc659c4a0815",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T16:27:29.412Z",
"type": "io.confluent.cloud/request"
}
UpdatePeering¶
The UpdatePeering event is generated by a request to update the details of
a VPC or VNet peering connection.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UpdatePeering",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "3de5f6ab-96b9-431d-a3a1-5719db30f247"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-xm636q"
},
{
"type": "NETWORK",
"resourceId": "n-gezz7g"
}
]
},
"resource": {
"type": "PEERING",
"resourceId": "peer-gjelop"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-yggjp7"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"8d72c5a30e289b959c2ed291931d5b81"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"spec": {
"display_name": "display-name"
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"status": {
"phase": "READY"
},
"api_version": "networking/v1",
"id": "peer-gjelop",
"kind": "Peering",
"metadata": {
"created_at": "2022-04-06T15:49:42.290053Z",
"resource_name": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-xm636q/network=n-gezz7g/peering=peer-gjelop",
"self": "https://api.confluent.cloud/networking/v1/peerings/peer-gjelop?environment=env-xm636q",
"updated_at": "2022-04-21T22:21:06.955371Z"
},
"spec": {
"cloud": {
"account": "123456789",
"customer_region": "us-west-2",
"kind": "networking.v1.AwsPeering",
"routes": [
"10.2.0.0/16"
],
"vpc": "vpc-038b46121a8cff887"
},
"display_name": "display-name",
"environment": {
"api_version": "org/v2",
"id": "env-xm636q",
"kind": "Environment",
"related": "https://api.confluent.cloud/v2/environments/env-xm636q",
"resource_name": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-xm636q"
},
"network": {
"api_version": "networking/v1",
"id": "n-gezz7g",
"kind": "Network",
"related": "https://api.confluent.cloud/networking/v1/networks/n-gezz7g?environment=env-xm636q",
"resource_name": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-xm636q/network=n-gezz7g"
}
}
}
}
},
"subject": "crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-xm636q/network=n-gezz7g/peering=peer-gjelop",
"specversion": "1.0",
"id": "11782d45-91ce-49fa-953a-451b38c7d8e4",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T22:21:06.963Z",
"type": "io.confluent.cloud/request"
}
FAILURE – "The peering peer-gjelopnope was not found."
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"UpdatePeering",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"3de5f6ab-96b9-431d-a3a1-5719db30f247"
},
{
"type":"ENVIRONMENT",
"resourceId":"env-xm636q"
}
]
},
"resource":{
"type":"PEERING",
"resourceId":"peer-gjelopnope"
}
}
],
"authenticationInfo":{
"exposure":"CUSTOMER",
"principal":{
"email":"someone@example.com",
"confluentUser":{
"resourceId":"u-yggjp7"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"6940b5a7bcdecbd9a511c2f7c2312ffa"
],
"clientAddress":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"accessType":"MODIFICATION",
"data":{
"spec":{
"display_name":"display-name"
}
}
},
"result":{
"status":"FAILURE",
"data":{
"errors":[
{
"status":"404",
"detail":"The peering peer-gjelopnope was not found.",
"source":{
},
"id":"6940b5a7bcdecbd9a511c2f7c2312ffa"
}
]
}
}
},
"subject":"crn://confluent.cloud/organization=3de5f6ab-96b9-431d-a3a1-5719db30f247/environment=env-xm636q/peering=peer-gjelopnope",
"specversion":"1.0",
"id":"98f65828-0c0e-42cc-a05f-ef66c9d35161",
"source":"crn://confluent.cloud/",
"time":"2022-04-21T22:22:42.625Z",
"type":"io.confluent.cloud/request"
}
Private link access¶
The following actions, or operations, on a private link (AWS PrivateLink or Azure Private Link) access generate auditable event messages. For details about private links in Confluent Cloud, see Use AWS PrivateLink with Confluent Cloud and Use Azure Private Link with Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| CreatePrivateLinkAccess | A request to create a private link access. |
| DeletePrivateLinkAccess | A request to remove a private link access. |
| GetPrivateLinkAccess | A request to get the details of a private link access. |
| GetPrivateLinkAccesses | A request to get a list of the private link accesses. |
| UpdatePrivateLinkAccess | A request to update the details of a private link access. |
CreatePrivateLinkAccess¶
The CreatePrivateLinkAccess event is generated by a request to create a private
link access.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "CreatePrivateLinkAccess",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
},
{
"type": "NETWORK",
"resourceId": "n-6mexyg"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ACCESS",
"resourceId": "pla-py2kk6"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"13579f98c1337bb3d9779a97e66a5466"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"spec": {
"cloud": {
"kind": "AzurePrivateLinkAccess",
"subscription": "731fd59e-3b05-4357-919a-5b3410abc153"
},
"display_name": "network_azure_PRIVATELINK",
"environment": {
"id": "env-223r92",
"related": "https://api.confluent.cloud/v2/environments/env-223r92",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92"
},
"network": {
"id": "n-6mexyg",
"related": "https://api.confluent.cloud/networking/v1/networks/n-6mexyg?environment=env-223r92",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-6mexyg"
}
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"metadata": {
"updated_at": "2022-04-21T21:00:41.302097Z",
"created_at": "2022-04-21T21:00:41.302097Z",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-6mexyg/private-link-access=pla-py2kk6",
"self": "https://api.confluent.cloud/networking/v1/private-link-accesses/pla-py2kk6?environment=env-223r92"
},
"spec": {
"display_name": "network_azure_PRIVATELINK",
"environment": {
"api_version": "org/v2",
"id": "env-223r92",
"kind": "Environment",
"related": "https://api.confluent.cloud/v2/environments/env-223r92",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92"
},
"network": {
"id": "n-6mexyg",
"kind": "Network",
"related": "https://api.confluent.cloud/networking/v1/networks/n-6mexyg?environment=env-223r92",
"resource_name": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-6mexyg",
"api_version": "networking/v1"
},
"cloud": {
"kind": "networking.v1.AzurePrivateLinkAccess",
"subscription": "731fd59e-3b05-4357-919a-5b3410abc153"
}
},
"status": {
"phase": "PROVISIONING"
},
"api_version": "networking/v1",
"id": "pla-py2kk6",
"kind": "PrivateLinkAccess"
}
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/network=n-6mexyg/private-link-access=pla-py2kk6",
"specversion": "1.0",
"id": "3b47877a-beb7-4406-aaad-fe575ddbdbfa",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T21:00:41.307Z",
"type": "io.confluent.cloud/request"
}
DeletePrivateLinkAccess¶
The DeletePrivateLinkAccess event is generated by a request to remove a
private link access.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "DeletePrivateLinkAccess",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ACCESS",
"resourceId": "pla-pd0qlg"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"502f9a3083e5841aeb442e7e683b281a"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"id": "pla-pd0qlg",
"environment": "env-223r92"
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/private-link-access=pla-pd0qlg",
"specversion": "1.0",
"id": "d5ef17a7-758e-472f-8147-4977e3c76b59",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T17:26:40.802Z",
"type": "io.confluent.cloud/request"
}
FAILURE – "The private-link-access pla-py2kk6 was not found."
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "DeletePrivateLinkAccess",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-223r92"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ACCESS",
"resourceId": "pla-py2kk6"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-doopwd"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"cd5f8efff250b8ddfb41072dabf0e612"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"id": "pla-py2kk6",
"environment": "env-223r92"
}
},
"result": {
"status": "FAILURE",
"data": {
"errors": [
{
"id": "cd5f8efff250b8ddfb41072dabf0e612",
"status": "404",
"detail": "The private-link-access pla-py2kk6 was not found.",
"source": {}
}
]
}
}
},
"subject": "crn://confluent.cloud/organization=424c3c58-93de-414f-bb87-a6131f477f66/environment=env-223r92/private-link-access=pla-py2kk6",
"specversion": "1.0",
"id": "ecccdda1-0970-4700-81a4-8cb0224b79ea",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T21:16:57.509Z",
"type": "io.confluent.cloud/request"
}
GetPrivateLinkAccess¶
The GetPrivateLinkAccess event is generated by a request to get the details
of a private link access.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetPrivateLinkAccesses",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "b1385ebd-73c2-418d-a821-5e5cd4409ade"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-gnygwm"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-m890kq"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"72b32c2574fdc389ccbb2f8975770601"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"environment": "env-gnygwm",
"page": {
"size": 1000
}
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=b1385ebd-73c2-418d-a821-5e5cd4409ade/environment=env-gnygwm",
"specversion": "1.0",
"id": "a5149cbf-a4f2-4a89-be44-930e1211ecef",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T17:47:26.202Z",
"type": "io.confluent.cloud/request"
}
FAILURE – "The private-link-access pla-py2kk6 was not found."
{
"datacontenttype": "application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"GetPrivateLinkAccess",
"cloudResources":[{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"424c3c58-93de-414f-bb87-a6131f477f66"
},
{
"type":"ENVIRONMENT",
"resourceId":"env-223r92"
}
]
},
"resource":{
"type":"PRIVATE_LINK_ACCESS",
"resourceId":"pla-py2kk6"
}
}
],
"authenticationInfo":{
"exposure":"CUSTOMER",
"principal":{
"email":"someone@example.com",
"confluentUser":{
"resourceId":"u-doopwd"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"4406268a55d762b1154fd4a38c20d854"
],
"clientAddress":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"accessType":"READ_ONLY",
"data":{
"id":"pla-py2kk6",
"environment":"env-223r92"
}
},
"result":{
"status":"FAILURE",
"data":{
"errors":[
{
"id":"4406268a55d762b1154fd4a38c20d854",
"status":"404",
"detail":"The private-link-access pla-py2kk6 was not found.",
"source":{
}
}
]
}
}
},
"type":"io.confluent.cloud/request",
"id": "fc0f727d-899a-4a22-ad8b-a866871a9d37",
"time": "2021-01-01T12:34:56.789Z",
"source": "crn://confluent.cloud/kafka=lkc-a1b2c",
"subject": "crn://confluent.cloud/kafka=lkc-a2b2c",
"specversion": "1.0"
}
GetPrivateLinkAccesses¶
The GetPrivateLinkAccesses event is generated by a request to get a list of
the private link accesses in the organization.
Examples¶
SUCCESS
{
"datacontenttype":"application/json",
"data":{
"serviceName":"crn://confluent.cloud/",
"methodName":"GetPrivateLinkAccesses",
"cloudResources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resourceId":"b1385ebd-73c2-418d-a821-5e5cd4409ade"
}
]
},
"resource":{
"type":"ENVIRONMENT",
"resourceId":"env-gnygwm"
}
}
],
"authenticationInfo":{
"exposure":"CUSTOMER",
"principal":{
"email":"someone@example.com",
"confluentUser":{
"resourceId":"u-m890kq"
}
},
"result":"SUCCESS"
},
"requestMetadata":{
"requestId":[
"72b32c2574fdc389ccbb2f8975770601"
],
"clientAddress":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"accessType":"READ_ONLY",
"data":{
"environment":"env-gnygwm",
"page":{
"size":1000
}
}
},
"result":{
"status":"SUCCESS"
}
},
"subject":"crn://confluent.cloud/organization=b1385ebd-73c2-418d-a821-5e5cd4409ade/environment=env-gnygwm",
"specversion":"1.0",
"id":"a5149cbf-a4f2-4a89-be44-930e1211ecef",
"source":"crn://confluent.cloud/",
"time":"2022-04-21T17:47:26.202Z",
"type":"io.confluent.cloud/request"
}
UpdatePrivateLinkAccess¶
The UpdatePrivateLinkAccess event is generated by a request to update the details of
a private link access.
Examples¶
SUCCESS
{
"specversion":"1.0",
"id":"aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source":"crn://confluent.cloud/",
"type":"io.confluent.cloud/request",
"subject":"crn://confluent.cloud/organization=customer2/environment=env-1/network=n-1/private-link-access=pla-1",
"datacontenttype":"application/json",
"data":{
"service_name":"crn://confluent.cloud/",
"method_name":"UpdatePrivateLinkAccess",
"cloud_resources":[
{
"scope":{
"resources":[
{
"type":"ORGANIZATION",
"resource_id":"customer2"
},
{
"type":"ENVIRONMENT",
"resource_id":"env-1"
},
{
"type":"NETWORK",
"resource_id":"n-1"
}
]
},
"resource":{
"type":"PRIVATE_LINK_ACCESS",
"resource_id":"pla-1"
}
}
],
"authentication_info":{
"exposure":"CUSTOMER",
"principal":{
"confluentUser":{
"resource_id":"u-2"
}
},
"result":"SUCCESS"
},
"request_metadata":{
"request_id":[
"01020304050607080102040810204080"
],
"client_address":[
{
"ip":"1.2.3.4"
}
]
},
"request":{
"access_type":"MODIFICATION",
"data":{
"spec":{
"display_name":"display-name"
}
}
},
"result":{
"status":"SUCCESS",
"data":{
"api_version":"networking/v1",
"id":"pla-1",
"kind":"PrivateLinkAccess",
"metadata":{
"resource_name":"crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1/private-link-access=pla-1",
"self":"https://api.foo.bar.com/networking/v1/private-link-accesses/pla-1?environment=env-1"
},
"spec":{
"cloud":{
"account":"123456789",
"kind":"networking.v1.AwsPrivateLinkAccess"
},
"display_name":"display-name",
"environment":{
"api_version":"org/v2",
"id":"env-1",
"kind":"Environment",
"related":"https://api.foo.bar.com/v2/environments/env-1",
"resource_name":"crn://foo.bar.com/organization=customer2/environment=env-1"
},
"network":{
"api_version":"networking/v1",
"id":"n-1",
"kind":"Network",
"related":"https://api.foo.bar.com/networking/v1/networks/n-1?environment=env-1",
"resource_name":"crn://foo.bar.com/organization=customer2/environment=env-1/network=n-1"
}
},
"status":{
"phase":"UNKNOWN"
}
}
}
}
}
Private link attachment¶
The following actions, or operations, on a private link attachment (AWS PrivateLink) for Enterprise Kafka clusters generate auditable event messages. For details about private links in Confluent Cloud, see Use AWS PrivateLink with Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| CreatePrivateLinkAttachment | A request to create a private link access. |
| DeletePrivateLinkAttachment | A request to remove a private link attachment. |
| GetPrivateLinkAttachment | A request to get the details of a private link attachment. |
| GetPrivateLinkAttachments | A request to get a list of the private link attachment. |
| UpdatePrivateLinkAttachment | A request to update the details of a private link attachment. |
CreatePrivateLinkAttachment¶
The CreatePrivateLinkAttachment event is generated by a request to create a private
link attachment.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "CreatePrivateLinkAttachment",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"spec": {
"cloud": "AWS",
"display_name": "{{.DisplayName}}",
"environment": {
"id": "{{.Environment}}",
"related": "",
"resource_name": ""
},
"region": "{{.Region}}"
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"updated_at": "{{.UpdatedAt}}"
},
"spec": {
"cloud": "AWS",
"display_name": "{{.DisplayName}}",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"region": "{{.Region}}"
},
"status": {
"phase": "PROVISIONING"
}
}
}
}
}
DeletePrivateLinkAttachment¶
The DeletePrivateLinkAttachment event is generated by a request to remove a
private link attachment.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "DeletePrivateLinkAttachment",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachment}}"
}
},
"result": {
"status": "SUCCESS"
}
}
}
GetPrivateLinkAttachment¶
The GetPrivateLinkAttachment event is generated by a request to get the details
of a private link attachment.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "GetPrivateLinkAttachment",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "READ_ONLY",
"data": {
"deactivated": false,
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachment}}"
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"updated_at": "{{.UpdatedAt}}"
},
"spec": {
"cloud": "AWS",
"display_name": "{{.DisplayName}}",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"region": "{{.Region}}"
},
"status": {
"phase": "PROVISIONING"
}
}
}
}
}
GetPrivateLinkAttachments¶
The GetPrivateLinkAttachments event is generated by a request to get a list of
the private link attachments in the organization.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "GetPrivateLinkAttachments",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "READ_ONLY",
"data": {
"deactivated": false,
"environment": "{{.Environment}}",
"page": {}
}
},
"result": {
"status": "SUCCESS"
}
}
}
UpdatePrivateLinkAttachment¶
The UpdatePrivateLinkAttachment event is generated by a request to update the details of
a private link attachment.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "UpdatePrivateLinkAttachment",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"id": "{{.PrivateLinkAttachment}}",
"spec": {
"display_name": "new-name",
"environment": {
"id": "{{.Environment}}",
"related": "",
"resource_name": ""
}
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"updated_at": "{{.UpdatedAt}}"
},
"spec": {
"cloud": "AWS",
"display_name": "new-name",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"region": "{{.Region}}"
},
"status": {
"phase": "PROVISIONING"
}
}
}
}
}
Private link attachment connection¶
The following actions, or operations, on a private link attachment (AWS PrivateLink) for Enterprise Kafka clusters generate auditable event messages. A private link connection can only be made after a private link attachment is created. For details about private links in Confluent Cloud, see Use AWS PrivateLink with Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| CreatePrivateLinkAttachmentConnection | A request to create a private link attachment connection. |
| DeletePrivateLinkAttachmentConnection | A request to remove a private link attachment connection. |
| GetPrivateLinkAttachmentConnection | A request to get the details of a private link attachment connection. |
| GetPrivateLinkAttachmentConnections | A request to get a list of the private link attachment connection. |
| UpdatePrivateLinkAttachmentConnection | A request to update the details of a private link attachment connection. |
CreatePrivateLinkAttachmentConnection¶
The CreatePrivateLinkAttachmentConnection event is generated by a request to create a private
link attachment connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "CreatePrivateLinkAttachmentConnection",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
},
{
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT_CONNECTION",
"resource_id": "{{.PrivateLinkAttachmentConnection}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"spec": {
"cloud": {
"kind": "AwsPrivateLinkAttachmentConnection",
"vpc_endpoint_id": "vpc-endpoint"
},
"display_name": "test-register-private-link-attachment-connection",
"environment": {
"id": "{{.Environment}}",
"related": "",
"resource_name": ""
},
"private_link_attachment": {
"id": "{{.PrivateLinkAttachment}}",
"related": "",
"resource_name": ""
}
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachmentConnection}}",
"kind": "PrivateLinkAttachmentConnection",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachment-connections/{{.PrivateLinkAttachmentConnection}}?environment={{.Environment}}",
"updated_at": "{{.UpdatedAt}}"
},
"spec": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnection",
"vpc_endpoint_id": "vpc-endpoint"
},
"display_name": "test-register-private-link-attachment-connection",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"private_link_attachment": {
"api_version": "networking/v1",
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"related": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}"
}
},
"status": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnectionStatus",
"vpc_endpoint_id": "vpc-endpoint",
"vpc_endpoint_service_name": ""
},
"phase": "PROVISIONING"
}
}
}
}
}
DeletePrivateLinkAttachmentConnection¶
The DeletePrivateLinkAttachmentConnection event is generated by a request to remove a
private link attachment connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "DeletePrivateLinkAttachmentConnection",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT_CONNECTION",
"resource_id": "{{.PrivateLinkAttachmentConnection}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachmentConnection}}"
}
},
"result": {
"status": "SUCCESS"
}
}
}
GetPrivateLinkAttachmentConnection¶
The GetPrivateLinkAttachmentConnection event is generated by a request to get the details
of a private link attachment connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "GetPrivateLinkAttachmentConnection",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
},
{
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT_CONNECTION",
"resource_id": "{{.PrivateLinkAttachmentConnection}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "READ_ONLY",
"data": {
"deactivated": false,
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachmentConnection}}"
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachmentConnection}}",
"kind": "PrivateLinkAttachmentConnection",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachment-connections/{{.PrivateLinkAttachmentConnection}}?environment={{.Environment}}",
"updated_at": "{{.CreatedAt}}"
},
"spec": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnection",
"vpc_endpoint_id": "vpc-endpoint"
},
"display_name": "test-register-private-link-attachment-connection",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"private_link_attachment": {
"api_version": "networking/v1",
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"related": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}"
}
},
"status": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnectionStatus",
"vpc_endpoint_id": "vpc-endpoint",
"vpc_endpoint_service_name": ""
},
"phase": "PROVISIONING"
}
}
}
}
}
GetPrivateLinkAttachmentConnections¶
The GetPrivateLinkAttachmentConnections event is generated by a request to get a list of
the private link attachment connections in the organization.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "GetPrivateLinkAttachmentConnections",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "READ_ONLY",
"data": {
"deactivated": false,
"environment": "{{.Environment}}",
"page": {},
"private_link_attachments": [
"{{.PrivateLinkAttachmentConnection}}"
]
}
},
"result": {
"status": "SUCCESS"
}
}
}
UpdatePrivateLinkAttachmentConnection¶
The UpdatePrivateLinkAttachmentConnection event is generated by a request to update the details of
a private link attachment connection.
Examples¶
SUCCESS
{
"specversion": "1.0",
"id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
"source": "crn://confluent.cloud/",
"type": "io.confluent.cloud/request",
"subject": "crn://confluent.cloud/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"datacontenttype": "application/json",
"dataschema": "https://confluent.io/internal/events/AuditLog.v2",
"data": {
"service_name": "crn://confluent.cloud/service=cire-traffic",
"internal_service_name": "crn://confluent.cloud/service=cire-traffic",
"method_name": "UpdatePrivateLinkAttachmentConnection",
"cloud_resources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resource_id": "{{.Organization}}"
},
{
"type": "ENVIRONMENT",
"resource_id": "{{.Environment}}"
},
{
"type": "PRIVATE_LINK_ATTACHMENT",
"resource_id": "{{.PrivateLinkAttachment}}"
}
]
},
"resource": {
"type": "PRIVATE_LINK_ATTACHMENT_CONNECTION",
"resource_id": "{{.PrivateLinkAttachmentConnection}}"
}
}
],
"authentication_info": {
"exposure": "CUSTOMER",
"principal": {
"email": "{{.ServiceAccountEmail}}",
"confluent_service_account": {
"resource_id": "{{.ServiceAccount}}",
"internal_id": "1"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization={{.Organization}}/identity-provider=Confluent/identity={{.ServiceAccount}}"
},
"request_metadata": {
"request_id": [
"01020304050607080102040810204080"
],
"client_address": [
{
"ip": "{{.ClientIP}}"
}
]
},
"request": {
"access_type": "MODIFICATION",
"data": {
"id": "{{.PrivateLinkAttachmentConnection}}",
"spec": {
"display_name": "new-name",
"environment": {
"id": "{{.Environment}}",
"related": "",
"resource_name": ""
}
}
}
},
"result": {
"status": "SUCCESS",
"data": {
"api_version": "networking/v1",
"id": "{{.PrivateLinkAttachmentConnection}}",
"kind": "PrivateLinkAttachmentConnection",
"metadata": {
"created_at": "{{.CreatedAt}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}/private-link-attachment-connection={{.PrivateLinkAttachmentConnection}}",
"self": "https://api.api.example.com/networking/v1/private-link-attachment-connections/{{.PrivateLinkAttachmentConnection}}?environment={{.Environment}}",
"updated_at": "{{.UpdatedAt}}"
},
"spec": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnection",
"vpc_endpoint_id": "vpc-endpoint"
},
"display_name": "new-name",
"environment": {
"api_version": "org/v2",
"environment": "{{.Environment}}",
"id": "{{.Environment}}",
"kind": "Environment",
"related": "https://api.api.example.com/v2/environments/{{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}"
},
"private_link_attachment": {
"api_version": "networking/v1",
"environment": "{{.Environment}}",
"id": "{{.PrivateLinkAttachment}}",
"kind": "PrivateLinkAttachment",
"related": "https://api.api.example.com/networking/v1/private-link-attachments/{{.PrivateLinkAttachment}}?environment={{.Environment}}",
"resource_name": "crn://api.example.com/organization={{.Organization}}/environment={{.Environment}}/private-link-attachment={{.PrivateLinkAttachment}}"
}
},
"status": {
"cloud": {
"kind": "networking.v1.AwsPrivateLinkAttachmentConnectionStatus",
"vpc_endpoint_id": "vpc-endpoint",
"vpc_endpoint_service_name": ""
},
"phase": "PROVISIONING"
}
}
}
}
}
Transit gateway attachment¶
The following actions, or operations, on a transit gateway attachment (AWS Transit Gateway) generate auditable event messages. For details about transit gateways in Confluent Cloud, see Use AWS Transit Gateway on Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| GetTransitGatewayAttachment | A request to get the details of a transit gateway attachment. |
| GetTransitGatewayAttachments | A request to get a list of the transit gateway attachments. |
GetTransitGatewayAttachment¶
The GetTransitGatewayAttachment event is generated by a request to get the details of a transit
gateway attachment.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetTransitGatewayAttachments",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "b1385ebd-73c2-418d-a821-5e5cd4409ade"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-gnygwm"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-m890kq"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"5df94be7ff14a920226b8a34c9f178f9"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"environment": "env-gnygwm",
"page": {
"size": 1000
}
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=b1385ebd-73c2-418d-a821-5e5cd4409ade/environment=env-gnygwm",
"specversion": "1.0",
"id": "c8f2601d-a935-40ec-9b33-d11070d820fa",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T17:47:26.533Z",
"type": "io.confluent.cloud/request"
}
GetTransitGatewayAttachments¶
The GetTransitGatewayAttachments event is generated by a request to get a list of the
transit gateway attachments in the organization.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetTransitGatewayAttachments",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "b1385ebd-73c2-418d-a821-5e5cd4409ade"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-gnygwm"
}
}
],
"authenticationInfo": {
"exposure": "CUSTOMER",
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-m890kq"
}
},
"result": "SUCCESS"
},
"requestMetadata": {
"requestId": [
"5df94be7ff14a920226b8a34c9f178f9"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"environment": "env-gnygwm",
"page": {
"size": 1000
}
}
},
"result": {
"status": "SUCCESS"
}
},
"subject": "crn://confluent.cloud/organization=b1385ebd-73c2-418d-a821-5e5cd4409ade/environment=env-gnygwm",
"specversion": "1.0",
"id": "c8f2601d-a935-40ec-9b33-d11070d820fa",
"source": "crn://confluent.cloud/",
"time": "2022-04-21T17:47:26.533Z",
"type": "io.confluent.cloud/request"
}
DNS forwarder¶
The following actions, or operations, on a DNS forwarder generate auditable event messages. For more information about DNS forwarders, see Manage Networking on Confluent Cloud.
| Method name | Action triggering an audit log event message |
|---|---|
| CreateDnsForwarder | A request to create a DNS forwarder. |
| DeleteDnsForwarder | A request to remove a DNS forwarder. |
| GetDnsForwarder | A request to get the details of a DNS forwarder. |
| ListDnsForwarders | A request to get a list of the DNS forwarders. |
| UpdateDnsForwarder | A request to update the details of a DNS forwarder. |
CreateDnsForwarder¶
The CreateDnsForwarder event is generated by a request to create a DNS forwarder.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "CreateDnsForwarder",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "94b47aa0-ed3a-44da-9460-6cec0c710e84"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-cy9oovo"
}
}
],
"authenticationInfo": {
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-c2gjoz2"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/identity-provider=Confluent/identity=u-c2gjoz2"
},
"requestMetadata": {
"requestId": [
"a25989c5a28a9154f4a59ec1ab8e7415"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"spec": {
"config": {
"dns_server_ips": [
"10.30.1.1"
],
"kind": "ForwardViaIp"
},
"display_name": "test-dnsf",
"domains": [
"example.com"
],
"environment": {
"environment": "string",
"id": "env-cy9oovo"
},
"gateway": {
"environment": "string",
"id": "gw-c1wpzq6"
}
}
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cy9oovo"
},
"subject": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cy9oovo",
"specversion": "1.0",
"id": "f78fb1ef-c60b-4df1-9c56-e204121d81e0",
"source": "crn://confluent.cloud/",
"time": "2024-02-02T09:10:19.900310327Z",
"type": "io.confluent.cloud/request"
}
DeleteDnsForwarder¶
The DeleteDnsForwarder event is generated by a request to remove a DNS
forwarder.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "DeleteDnsForwarder",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "94b47aa0-ed3a-44da-9460-6cec0c710e84"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-cm5kkwq"
}
]
},
"resource": {
"type": "DNS_FORWARDER",
"resourceId": "dnsf-cyrv4lr"
}
}
],
"authenticationInfo": {
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-qzdo92"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/identity-provider=Confluent/identity=u-qzdo92"
},
"requestMetadata": {
"requestId": [
"b6ab7a61867048db1c791449b38dd3d2"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"environment": "env-cm5kkwq",
"id": "dnsf-cyrv4lr"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cm5kkwq/dns-forwarder=dnsf-cyrv4lr"
},
"subject": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cm5kkwq/dns-forwarder=dnsf-cyrv4lr",
"specversion": "1.0",
"id": "755a0446-d7d9-44fd-9a36-ec458971abcd",
"source": "crn://confluent.cloud/",
"time": "2024-02-06T17:21:56.769460171Z",
"type": "io.confluent.cloud/request"
}
GetDnsForwarder¶
The GetDnsForwarder event is generated by a request to get the details of
a DNS forwarder.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "GetDnsForwarder",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "94b47aa0-ed3a-44da-9460-6cec0c710e84"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-cn5yx86"
}
]
},
"resource": {
"type": "DNS_FORWARDER",
"resourceId": "dnsf-clrwejr"
}
}
],
"authenticationInfo": {
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-zw0dm7"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/identity-provider=Confluent/identity=u-zw0dm7"
},
"requestMetadata": {
"requestId": [
"d0866e090752ebdbb891b3d2025249cc"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"id": "dnsf-clrwejr",
"environment": "env-cn5yx86"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cn5yx86/dns-forwarder=dnsf-clrwejr"
},
"subject": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cn5yx86/dns-forwarder=dnsf-clrwejr",
"specversion": "1.0",
"id": "ca960f56-7acc-4909-959b-68e4eab99548",
"source": "crn://confluent.cloud/",
"time": "2024-02-06T17:35:11.637703135Z",
"type": "io.confluent.cloud/request"
}
ListDnsForwarders¶
The ListDnsForwarders event is generated by a request to get a list of the
DNS forwarders.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "ListDnsForwarders",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "94b47aa0-ed3a-44da-9460-6cec0c710e84"
}
]
},
"resource": {
"type": "ENVIRONMENT",
"resourceId": "env-cy9oovo"
}
}
],
"authenticationInfo": {
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-8kdgp5"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/identity-provider=Confluent/identity=u-8kdgp5"
},
"requestMetadata": {
"requestId": [
"1d71c97b54547d853b286846a02ff5fd"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "READ_ONLY",
"data": {
"deactivated": false,
"page": {},
"environment": "env-cy9oovo"
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cy9oovo"
},
"subject": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cy9oovo",
"specversion": "1.0",
"id": "0e457e9e-3549-4b68-b878-c503df0f24d7",
"source": "crn://confluent.cloud/",
"time": "2024-02-06T07:11:44.177027361Z",
"type": "io.confluent.cloud/request"
}
UpdateDnsForwarder¶
The UpdateDnsForwarder event is generated by a request to update the details of
a DNS forwarder.
Examples¶
SUCCESS
{
"datacontenttype": "application/json",
"data": {
"serviceName": "crn://confluent.cloud/",
"methodName": "UpdateDnsForwarder",
"cloudResources": [
{
"scope": {
"resources": [
{
"type": "ORGANIZATION",
"resourceId": "94b47aa0-ed3a-44da-9460-6cec0c710e84"
},
{
"type": "ENVIRONMENT",
"resourceId": "env-cn5yx86"
}
]
},
"resource": {
"type": "DNS_FORWARDER",
"resourceId": "dnsf-cyrzqdr"
}
}
],
"authenticationInfo": {
"principal": {
"email": "someone@example.com",
"confluentUser": {
"resourceId": "u-8kdgp5"
}
},
"result": "SUCCESS",
"identity": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/identity-provider=Confluent/identity=u-8kdgp5"
},
"requestMetadata": {
"requestId": [
"71efa3035a7da8db57f839a55859d25e"
],
"clientAddress": [
{
"ip": "1.2.3.4"
}
]
},
"request": {
"accessType": "MODIFICATION",
"data": {
"spec": {
"display_name": "test-dnsf"
}
}
},
"result": {
"status": "SUCCESS"
},
"resourceName": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cn5yx86/dns-forwarder=dnsf-cyrzqdr"
},
"subject": "crn://confluent.cloud/organization=94b47aa0-ed3a-44da-9460-6cec0c710e84/environment=env-cn5yx86/dns-forwarder=dnsf-cyrzqdr",
"specversion": "1.0",
"id": "40960684-28c5-4818-a83b-28a782f2ae8e",
"source": "crn://confluent.cloud/",
"time": "2024-02-06T23:15:30.077530186Z",
"type": "io.confluent.cloud/request"
}