Events in audit logs
In audit logs, an event is a record of a creation, modification, or deletion operation with resources and entities. Readings of sensitive data such as passwords, certificates, etc. are also recorded in audit logs.
An event has a fixed structure and can be of different types.
Event structure
The event has a JSON structure:
[
{
"event_saved_time": "2025-09-29T13:13:25.196Z",
"event_id": "string",
"event_type": "string",
"event_time": "2025-09-29T13:13:25.196Z",
"status": "string",
"error_code": "string",
"request_id": "string",
"subject": {
"id": "string",
"type": "string",
"name": "string",
"auth_provider": "string",
"is_authorized": true,
"authorized_by": [
"string"
],
"credentials_fingerprint": "string"
},
"resource": {
"id": "string",
"type": "string",
"name": "string",
"account_id": "string",
"project_id": "string",
"location": "string",
"details": {},
"old_values": {
"additionalProp1": {}
},
"new_values": {
"additionalProp1": {}
}
},
"source_type": "string",
"request": {
"remote_address": "string",
"user_agent": "string",
"type": "string",
"path": "string",
"method": "string",
"parameters": "string"
},
"schema_version": "string"
}
]
Some fields are optional and may not be present in the event. Also, some fields have reserved values.
Event Fields
| Field | Description | Data type | Mandatory | |
|---|---|---|---|---|
event_id | Unique event identifier | String | ✓ | |
event_type | Event type, the full list can be found in the Event Types subsection | String | ✓ | |
event_time | Event time in ISO8601 format with timezone | String | ✓ | |
event_saved_time | Time of event saving in audit logs in ISO8601 format with timezone | String | ✓ | |
status | Event Status. Possible values:
| String | ✓ | |
error_code | Error code | String | ✗ | |
request_id | Unique event chain identifier or request identifier | String | ✓ | |
subject | Information about the subject - service or user who performed the operation | Object | ✓ | |
id | Unique identifier of the subject of the action. Example formats:
| String | ✓ | |
type | Subject Type. Possible values:
| String | ✓ | |
name | Subject Name | String | ✗ | |
auth_provider | The authentication provider of the subject. Possible values:
| String | ✗ | |
is_authorized | Authorization result | Logical | ✓ | |
authorized_by | A set of roles and other authorization attributes with which the request was authorized | Array of strings | ✗ | |
credentials_fingerprint | The fingerprint of the secret with which the request was authorized | String | ✗ | |
resource | The object of an action is an entity on which the subject performed an operation. The object can be a resource (server, disk), user, role, account, etc. | Object | ✓ | |
id | Unique object identifier | String | ✓ | |
type | Type of object | String | ✓ | |
name | Object Name | String | ✗ | |
account_id | Account ID | String | ✓ | |
project_id | Project ID | String | ✗ | |
location | The data center, availability zone, or pool in which the subject is located | String | ✗ | |
details | Event Details. Defined by the source service and event type | Object | ✗ | |
changes | Changes that have occurred to the subject | Object | ✗ | |
changes_old_values | Set of old values of subject attributes | Object | ✗ | |
changes_new_values | Set of new values of subject attributes | Object | ✓ | |
source | The service that recorded the change | Object | ✓ | |
type | The name of the product, service or service in which the event occurred | String | ✓ | |
request | Request information | Object | ✓ | |
remote_address | IP address from which the request came | String | ✗ | |
user_agent | User Agent of the event subject | String | ✗ | |
type | Query Type. Possible values:
| String | ✓ | |
path | Path to the resource where the event occurred | String | ✗ | |
method | Query method | String | ✗ | |
parameters | Query parameters | String | ✗ | |
schema_version | Fixed value - 1.0 | String | ✓ | |
Reserved values
If the value of a field cannot be determined by the log source services - for example, if an error occurred during the execution of an action, or if the object has not yet been created and there is no resource_id - the reserved value undefined is used .
It can be specified by the fields:
subject_id;subject_type;resource_id;resource_type;resource_account_id.
Event types (event_type)
In Audit Logs, event types are grouped by services that are responsible for different parts of the products. With the help of services, you can filter events in the log upload through the Control Panel and Audit Logs API.
The list of products that support audit logs, services, and event types will continue to grow.
| Product or management area | Services |
|---|---|
| Account, users, projects and accesses | iam |
| Billing, payment information | legal billing |
| Dedicated servers, hosted hardware, basic firewall, storage | dedicated |
| Cloud platform | vpc quota_management compute filestorage |
| The manager of secrets | secrets certificates |
| Logs | logs |
| Audit logs | audit_logs |
| Global router | global_router |
| Managed Kubernetes | mks |
iam service
Responsible for operations in the account, with users, projects and accesses. Some of them (e.g. users and their keys) can be managed via the IAM API.
| Event name (event_type) | Description | |
|---|---|---|
Account * | iam.account.init_action | Authentication when performing certain actions. Contains information about the subject. Combined with the main event through the request_id field |
| iam.account.email_confirmation | Confirmation of e-mail address when registering an account | |
| iam.account.phone_confirmation | Confirmation of phone number when registering an account | |
| iam.account.fill | Filling in account details | |
| iam.account.delete | Account Deletion | |
| iam.account.update | Changing account details | |
| Account Login | iam.user.login | User login to the account |
| iam.user_password.check | User password entry | |
| iam.user.logout | Log the user out of the account | |
| iam.user_2fa_code.verify | 2FA entry attempt | |
| iam.user_session.reset_all_other | Reset all sessions except the current session | |
| iam.user_session.reset_all_within_browser | Log out of all accounts to which you are logged in in the browser | |
| iam.user_session.reset_all | Forced session termination by the system | |
| Password | iam.user_password.reset_request | Request an e-mail with a link to reset the password |
| iam.user_password.reset_apply | Resetting a password and creating a new password | |
| iam.user_password.update | Password change | |
| Two-factor authentication | iam.user_2fa.enable | Enabling two-factor authentication |
| iam.user_2fa.disable | Turning off two-factor authentication | |
| iam.user_2fa_code.send | Requesting a two-factor authentication code | |
| iam.user_2fa_backup_codes.create | Creating backup codes | |
| iam.user_2fa_otp.enable | Connecting login via an authenticator application | |
| iam.user_2fa_email.enable | Connecting login via e-mail | |
| iam.user_2fa_sms.enable | Connecting login via SMS | |
| iam.user_2fa_backup_codes.enable | Connecting an input using redundant codes and creating them | |
| iam.user_2fa_otp.disable | Disabling logging in via an authenticator application | |
| iam.user_2fa_email.disable | Disabling login via email | |
| iam.user_2fa_sms.disable | Disabling login via SMS | |
| Changing contact details | iam.user_email.change_init | Request for change of e-mail address |
| iam.user_email.change_unlocked | Confirming a change of e-mail address | |
| iam.user_email.update | Successful change of e-mail address | |
| iam.user_phone.change_init | Request for change of phone number | |
| iam.user_phone.change_unlocked | Confirmation of phone number change | |
| iam.user_phone.update | Successful phone number change | |
Users * | iam.user_profile.create | Creating a new user profile |
| iam.user.email_confirmation | New user registration via the link from the invitation letter | |
| iam.federated_user_profile.create | Creating a federated user profile | |
| iam.user.phone_confirmation | Confirming phone number when registering a new user | |
| iam.user_profile.fill | Filling in the user's profile data | |
| iam.user_profile.update | User updates his profile data | |
| iam.federated_user_profile.update | Updating federated user profile data | |
| iam.user_profile.delete | Deleting a user profile | |
| iam.federated_user_profile.delete | Deleting a federated user profile | |
| iam.user_subscription.add | Adding a notification category to a user | |
| iam.user_subscription.delete | Deleting a user's notification category | |
| iam.user.create | User Creation | |
| iam.user.delete | Deleting a user | |
| iam.user_role.add | Assigning roles to a user | |
| iam.user_role.remove | Deleting user roles | |
| iam.user_group.add | Assigning groups to a user | |
| iam.user_group.remove | Deleting groups from a user | |
| Service users | iam.service_user.create | Creating a service user |
| iam.service_user.update | Service user update | |
| iam.service_user.delete | Deleting a service user | |
| iam.service_user_role.add | Assigning roles to the service user | |
| iam.service_user_role.remove | Deleting roles from a service user | |
| iam.service_user_group.add | Assigning groups to a service user | |
| iam.service_user_group.remove | Deleting groups from a service user | |
| User group | iam.group.create | Creating a user group |
| iam.group.update | Updating a user group | |
| iam.group.delete | Deleting a user group | |
| iam.group_user.add | Adding users to a group | |
| iam.group_user.remove | Deleting users from a group | |
| iam.group_role.add | Assigning roles to a user group | |
| iam.group_role.remove | Deleting roles from a group of users | |
| Federations | iam.federation.create | Establishment of a federation |
| iam.federation.update | Changing the federation | |
| iam.federation.delete | Removal of the federation | |
| iam.federation_cert.create | Creating a federation certificate | |
| iam.federation_cert.update | Updating the federation certificate | |
| iam.federation_cert.delete | Deleting a federation certificate | |
| Projects | iam.project.create | Project Creation |
| iam.project.update | Project Update | |
| iam.project_domain.detach | Deleting a project domain | |
| iam.project.delete | Deleting a project | |
| IAM tokens | iam.auth_token.issue | Issuance of IAM token |
| iam.auth_token.revoke | Revocation of IAM token | |
| S3 keys | iam.user_credential.add | Creating an S3 key for a user |
| iam.user_credential.remove | Deleting an S3 key from a user | |
| iam.service_user_credential.add | Creating an S3 key for a service user | |
| iam.service_user_credential.remove | Deleting the S3 key from a service user | |
| Static tokens | iam.api_key.create | Creating a static token |
| iam.api_key.update | Updating a static token | |
| iam.api_key.enable | Activating a static token | |
| iam.api_key.disable | Deactivating a static token | |
| iam.api_key.delete | Deleting a static token | |
| ACL | iam.acl.enable | Enabling ACLs |
| iam.acl.disable | Turning off ACL | |
| iam.acl_ip.create | Creating an ACL rule | |
| iam.acl_ip.delete | Deleting an ACL rule |
* In these events, detailed information about the subject is provided in the paired authentication event. In it, events with the type iam.account.init_action are combined with the main event through the request_id.
Service legal
Responsible for transactions with the contract customer, the paying party.
| Event name (event_type) | Description | |
|---|---|---|
| Customer under the contract | legal.payer.create | Creation of a customer |
| legal.payer.update | Updating customer data | |
| legal.payer.reorganization | Reorganization of the customer's company |
Billing service
Responsible for transactions that occur with resources when resources are deferred, unpaid, or repaid.
In billing service events, detailed information about the subject is provided in a paired authentication event. In it, events with type iam.account.init_action are combined with the main event via the request_id field.
| Event name (event_type) | Description | |
|---|---|---|
| Cloud platform financial signals | billing.block_signal.apply | Blocking a resource |
| billing.unblock_signal.apply | Unlocking a resource | |
| billing.restrict_signal.apply | Restricting access to the resource | |
| billing.unrestrict_signal.apply | Removing restrictions on access to the resource | |
| billing.delete_signal.apply | Deleting a resource | |
| Deferred payment | billing.soft_grace_policy.enable | Connection of deferred payment |
| billing.soft_grace_policy.disable | Disabling deferred payment | |
| billing.soft_grace_signal.apply | Activation of deferred payment | |
| billing.unsoft_grace_signal.apply | Completion of active deferred payment arrangements |
Service dedicated
Responsible for operations:
- with dedicated servers;
- with the equipment that's been placed;
- a basic firewall;
- data storage systems.
Servers and hardware can be managed through the Dedicated Servers API.
| Event name (event_type) | Description | |
|---|---|---|
| Dedicated server | dedicated.server.create | Ordering a dedicated server |
| dedicated.server.update | Changing a dedicated server | |
| dedicated.server.delete | Deleting a dedicated server | |
| dedicated.server.power_on | Enabling a dedicated server | |
| dedicated.server.power_off | Shutting down a dedicated server | |
| dedicated.server.reboot | Rebooting a dedicated server | |
| dedicated.server.os_reinstall | Reinstalling the OS of a dedicated server | |
| dedicated.server.password_show | View the password of a dedicated server | |
| dedicated.server.console_open | Opening the Dedicated Server Console | |
| dedicated.server.upgrade_create | Creating a dedicated server upgrade | |
| dedicated.server.upgrade_cancel | Cancellation of dedicated server upgrade | |
| Additional services | dedicated.additional_resource.create | Ordering an additional service |
| dedicated.additional_resource.update | Changing an additional service | |
| dedicated.additional_resource.delete | Deleting an additional service | |
| Equipment placement | dedicated.colocation.create | Ordering equipment placement |
| dedicated.colocation.update | Changing the location of equipment | |
| dedicated.colocation.delete | Removal of equipment placement | |
| Firewall | dedicated.firewall.create | Ordering a firewall |
| dedicated.firewall.update | Changing the firewall | |
| dedicated.firewall.delete | Removing the firewall | |
| Network equipment | dedicated.network_equipment.create | Ordering network equipment |
| dedicated.network_equipment.update | Changing network equipment | |
| dedicated.network_equipment.delete | Removing network equipment | |
| Equipment (data storage systems) | dedicated.equipment.create | Ordering equipment |
| dedicated.equipment.update | Equipment modification | |
| dedicated.equipment.delete | Equipment removal | |
| Network service | dedicated.network.create | Ordering a network service |
| dedicated.network.update | Change of network service | |
| dedicated.network.delete | Deleting a network service | |
| Port service | dedicated.ports_service.create | Ordering a port service |
| dedicated.ports_service.update | Changing the port service | |
| dedicated.ports_service.delete | Deleting a network service | |
| Software | dedicated.software.create | Software ordering |
| dedicated.software.update | Software change | |
| dedicated.software.delete | Software removal | |
| Tags | dedicated.tag.create | Software ordering |
| dedicated.tag.update | Software change | |
| dedicated.tag.delete | Software removal | |
| Basic firewall | dedicated.basic_firewall.create | Creating a basic firewall |
| dedicated.basic_firewall.update | Changing the basic firewall | |
| dedicated.basic_firewall.delete | Removing the basic firewall | |
| Public subnet | dedicated.public_sunbet.create | Creating a public subnet |
| dedicated.public_sunbet.update | Changing the public subnet | |
| dedicated.public_sunbet.delete | Deleting a public subnet | |
| Private subnet | dedicated.private_subnet.create | Creating a private subnet |
| dedicated.private_subnet.update | Changing the private subnet | |
| dedicated.private_subnet.delete | Deleting a private subnet | |
| Public VLAN | dedicated.public_vlan.create | Creating a public VLAN |
| dedicated.public_vlan.update | Changing the public VLAN | |
| dedicated.public_vlan.delete | Deleting a public VLAN | |
| Private VLAN | dedicated.private_vlan.create | Creating a private VLAN |
| dedicated.private_vlan.update | Changing a private VLAN | |
| dedicated.private_vlan.delete | Deleting a private VLAN | |
| SSH keys | dedicated.ssh_key.create | Creating an SSH key |
| dedicated.ssh_key.update | Changing the SSH key | |
| dedicated.ssh_key.delete | Deleting an SSH key |
Service vpc
Responsible for operations with cloud platform networks, cloud firewalls, private DNS, security groups, cloud load balancers.
| Event name (event_type) | Description | |
|---|---|---|
| Private networks | vpc.network.create cloud_network.network.create * | Creating a private network |
| vpc.network.update cloud_network.network.update * | Changing the private network | |
| vpc.network.delete cloud_network.network.delete * | Deleting a private network | |
| Private subnets | vpc.subnet.create cloud_network.subnet.create * | Creating a private subnet |
| vpc.subnet.update cloud_network.subnet.update * | Changing the private subnet | |
| vpc.subnet.delete cloud_network.subnet.delete * | Deleting a private subnet | |
| Public subnets | vpc.subnet.create cloud_network.subnet.create * | Creating a public subnet |
| vpc.subnet.bulk_create cloud_network.subnet.bulk_create * | Adding a public subnet to a project | |
| vpc.subnet.update cloud_network.subnet.update * | Changing the public subnet | |
| vpc.subnet.delete cloud_network.subnet.delete * | Deleting a public subnet | |
| vpc.subnet.init_delete cloud_network.subnet.init_delete * | Removing a public subnet from a project | |
| Subnetwork pools | vpc.subnet_pool.create cloud_network.subnetpool.create * | Creating a subnetwork pool |
| vpc.subnet_pool.update cloud_network.subnetpool.update * | Changing the subnet pool | |
| vpc.subnet_pool.delete cloud_network.subnetpool.delete * | Deleting a subnetwork pool | |
| Address spaces | vpc.address_scope.create cloud_network.address_scope.create * | Creating an address space |
| vpc.address_scope.update cloud_network.address_scope.update * | Changing the address space | |
| vpc.address_scope.delete cloud_network.address_scope.delete * | Address space deletion | |
| Address groups | vpc.address_group.create cloud_network.address_group.create * | Creating an address group |
| vpc.address_group.update cloud_network.address_group.update * | Changing the address group | |
| vpc.address_group.delete cloud_network.address_group.delete * | Deleting an address group | |
| Public IP addresses | vpc.floating_ip.create cloud_network.floatingip.create. * | Creating a public IP address |
| vpc.floating_ip.bulk_create cloud_network.floatingip.bulk_create * | Adding a public IP address to the project | |
| vpc.floating_ip.update cloud_network.floatingip.update. * | Changing the public IP address, including connecting to or disconnecting from a port | |
| vpc.floating_ip_port_forwarding.create cloud_network.port_forwarding.create * | Creating port forwarding (1:1 NAT via cloud router) | |
| vpc.floating_ip_port_forwarding.update cloud_network.port_forwarding.update * | Changing port forwarding (1:1 NAT via cloud router) | |
| vpc.floating_ip_port_forwarding.delete cloud_network.port_forwarding.delete * | Removing port forwarding (1:1 NAT via cloud router) | |
| vpc.floating_ip.init_delete cloud_network.floatingip.init_delete * | Removing a public IP address from a project | |
| vpc.floating_ip.delete cloud_network.floatingip.delete. * | Deleting a public IP address | |
| Ports | vpc.port.create cloud_network.port.create * | Creating a port |
| vpc.port.update cloud_network.port.update * | Port change | |
| vpc.port.delete cloud_network.port.delete * | Port removal | |
| Cloud routers | vpc.router.create cloud_network.router.create * | Creating a cloud router |
| vpc.router.update cloud_network.router.update * | Changing the cloud router | |
| vpc.router.delete cloud_network.router.delete * | Removing the cloud router | |
| vpc.router.add_interface cloud_network.router.add_router_interface * | Connecting a subnet to the router | |
| vpc.router.remove_interfaces cloud_network.router.remove_router_interface * | Disconnecting the subnet from the router | |
| Security groups | vpc.security_group.create cloud_network.security_group.create * | Establishment of a security team |
| vpc.security_group.update cloud_network.security_group.update * | Changing the security group | |
| vpc.security_group.delete cloud_network.security_group.delete * | Deleting a security group | |
| vpc.security_group_rule.create cloud_network.security_group_rule.create * | Creating a safety group rule | |
| vpc.security_group_rule.delete cloud_network.security_group_rule.delete * | Deletion of the security group rule | |
| Resource access policies | vpc.rbac_policy.create cloud_network.rbac_policy.create * | Creating an access policy |
| vpc.rbac_policy.update cloud_network.rbac_policy.update * | Changing the access policy | |
| vpc.rbac_policy.delete cloud_network.rbac_policy.delete * | Deleting an access policy | |
| Cloud firewalls | vpc.firewall.create cloud_network.firewall.create * | Creating a firewall |
| vpc.firewall.update cloud_network.firewall.update * | Changing the firewall | |
| vpc.firewall.delete cloud_network.firewall.delete * | Uninstalling the firewall | |
| vpc.firewall_rule.create cloud_network.firewall_rule.create * | Creating a firewall rule | |
| vpc.firewall_rule.update cloud_network.firewall_rule.update * | Firewall rule change | |
| vpc.firewall_rule.delete cloud_network.firewall_rule.delete * | Deleting a firewall rule | |
| vpc.firewall_policy.create cloud_network.firewall_policy.create * | Creating a firewall policy | |
| vpc.firewall_policy.update cloud_network.firewall_policy.update * | Changing the firewall policy | |
| vpc.firewall_policy.delete cloud_network.firewall_policy.delete * | Deleting a firewall policy | |
| Private DNS | vpc.private_dns_zone.create | Creation of an area |
| vpc.private_dns_zone.update | Zone update | |
| vpc.private_dns_zone.delete | Zone deletion | |
| vpc.private_dns_zone.update_recordset | Changing zone entries | |
| vpc.private_dns_service.create | Connecting the network to a private DNS resolver | |
| vpc.private_dns_service.delete | Disconnecting the network from the private DNS resolver | |
| vpc.private_dns_service.update | Changing network connection settings to a private DNS resolver | |
| vpc.private_dns_service.update_network | Reconfiguring Private DNS Resolver Ports | |
| Load balancer | vpc.load_balancer.create cloud_load_balancer.load_balancer.create * | Creating a balancer |
| vpc.load_balancer.update cloud_load_balancer.load_balancer.update * | Changing the balancer | |
| vpc.load_balancer.delete cloud_load_balancer.load_balancer.delete * | Removing the balancer | |
| vpc.load_balancer.failover cloud_load_balancer.load_balancer.failover * | Starting the rebuild of the balancer | |
| vpc.load_balancer_log_offloading.enable cloud_load_balancer.load_balancer_log_offloading.update * | Enabling the balancer log upload task | |
| vpc.load_balancer_log_offloading.disable cloud_load_balancer.load_balancer_log_offloading.delete * | Turning off the balancer log upload task | |
| vpc.load_balancer_pool_member.create cloud_load_balancer.member.create * | Adding a server to the balancer's target group | |
| vpc.load_balancer_pool_member.update cloud_load_balancer.member.update * | Changing the server in the balancer's target group | |
| vpc.load_balancer_pool_member.delete cloud_load_balancer.member.delete * | Removing a server from the balancer's target group | |
| vpc.load_balancer_pool.create cloud_load_balancer.pool.create * | Creating a balancer task force | |
| vpc.load_balancer_pool.update cloud_load_balancer.pool.update * | Changing the balancer's target group | |
| vpc.load_balancer_pool.delete cloud_load_balancer.pool.delete * | Deleting a balancer target group | |
| vpc.load_balancer_listener.create cloud_load_balancer.listener.create * | Creating a balancer rule | |
| vpc.load_balancer_listener.update cloud_load_balancer.listener.update * | Balancer rule change | |
| vpc.load_balancer_listener.delete cloud_load_balancer.listener.delete * | Deleting a balancer rule | |
| vpc.load_balancer_l7_policy.create cloud_load_balancer.l7_policy.create * | Creating HTTP policy of the balancer | |
| vpc.load_balancer_l7_policy.update cloud_load_balancer.l7_policy.update * | Changing HTTP policy of the balancer | |
| vpc.load_balancer_l7_policy.delete cloud_load_balancer.l7_policy.delete * | Removing HTTP policy of the balancer | |
| vpc.load_balancer_l7_policy_rule.create cloud_load_balancer.rule.create * | Creating L7-rule balancer | |
| vpc.load_balancer_l7_policy_rule.update cloud_load_balancer.rule.update * | Changing the L7-rule of the balancer | |
| vpc.load_balancer_l7_policy_rule.delete cloud_load_balancer.rule.delete * | Deletion of L7 balancer rules | |
| vpc.load_balancer_healthmonitor.create cloud_load_balancer.healthmonitor.create * | Creating a balancer availability check | |
| vpc.load_balancer_healthmonitor.update cloud_load_balancer.healthmonitor.update * | Changing the balancer availability check | |
| vpc.load_balancer_healthmonitor.delete cloud_load_balancer.healthmonitor.delete * | Removing the balancer availability check | |
| vpc.load_balancer_amphorae.delete cloud_load_balancer.amphorae.delete. * | Deleting a balancer instance | |
| vpc.load_balancer_amphorae.failover cloud_load_balancer.amphorae.failover. * | Starting the rebuild of the balancer instance |
* The event is deprecated and will soon cease to be recorded in audit logs.
Service quota_manager
Responsible for operations with project quotas. Quotas can be managed via Quota Management API.
| Event name (event_type) | Description | |
|---|---|---|
| quotas | quota_manager.project.update | Updating quotas |
Compute service
Responsible for license operations, cloud servers, network disks, disk snapshots, network disk backups and cloud server images.
You can manage licenses through the Cloud Platform Projects and Resources API.
| Event name (event_type) | Description | |
|---|---|---|
| SSH keys (keypairs) | compute.keypair.bulk_create cloud_compute.keypair.bulk_create * | Creating a key pair (bulk operation) |
| compute.keypair.bulk_delete cloud_compute.keypair.bulk_delete * | Deleting a key pair (bulk operation) | |
| compute.keypair.create cloud_compute.keypair.create * | Creating or importing a key pair | |
| compute.keypair.delete cloud_compute.keypair.delete * | Deleting a key pair | |
| Licenses | compute.license.license.bulk_create cloud_license.license.bulk_create * | Creating a license (bulk operation) |
| compute.license.license.delete cloud_license.license.delete * | Deleting a license | |
| Cloud servers | compute.server.init_delete cloud_compute.server.init_delete * | Initializing cloud server deletion |
| compute.server.init_rebuild cloud_compute.server.init_rebuild * | Initializing cloud server recreation | |
| compute.server.create cloud_compute.server.create * | Creating a cloud server | |
| compute.server.update cloud_compute.server.update * | Updating cloud server information | |
| compute.server.delete cloud_compute.server.delete * | Deleting a cloud server (in soft mode) | |
| compute.server.add_floatingip cloud_compute.server.add_floatingip * | Adding a public IP address to a cloud server | |
| compute.server.remove_floatingip cloud_compute.server.remove_floatingip * | Disconnecting a public IP address from a cloud server | |
| compute.server.add_fixedip cloud_compute.server.add_fixedip * | Adding a fixed IP address to a cloud server | |
| compute.server.remove_fixedip cloud_compute.server.remove_fixedip * | Disconnecting a fixed IP address from a cloud server | |
| compute.server.add_security_group cloud_compute.server.add_security_group * | Adding a security group to a cloud server | |
| compute.server.remove_security_group cloud_compute.server.remove_security_group * | Disconnecting the security group from the cloud server | |
| compute.server.set_admin_password cloud_compute.server.set_admin_password * | Changing the cloud server OS administrator password | |
| compute.server.resize cloud_compute.server.resize * | Starting a cloud server configuration change | |
| compute.server.confirm_resize cloud_compute.server.confirm_resize * | Confirming a cloud server configuration change | |
| compute.server.revert_resize cloud_compute.server.revert_resize * | Cancel cloud server configuration changes | |
| compute.server.create_backup cloud_compute.server.create_backup * | Creating a cloud server backup | |
| compute.server.create_image cloud_compute.server.create_image * | Creating a cloud server disk image | |
| compute.server.lock cloud_compute.server.lock * | Cloud server blocking | |
| compute.server.unlock cloud_compute.server.unlock. * | Unlocking a cloud server | |
| compute.server.pause cloud_compute.server.pause. * | Pausing the cloud server | |
| compute.server.unpause cloud_compute.server.unpause * | Pausing a cloud server | |
| compute.server.reboot cloud_compute.server.reboot * | Cloud server reboot | |
| compute.server.rebuild cloud_compute.server.rebuild * | Cloud server rebuild | |
| compute.server.rescue cloud_compute.server.rescue * | Starting Rescue Mode for Cloud Server | |
| compute.server.unrescue cloud_compute.server.unrescue * | Taking the cloud server out of Rescue mode | |
| compute.server.start cloud_compute.server.start * | Enabling the cloud server | |
| compute.server.stop cloud_compute.server.stop * | Shutting down the cloud server | |
| compute.server.get_console_output cloud_compute.server.get_console_output * | Cloud Server Output Console Query | |
| compute.server.shelve cloud_compute.server.shelve * | Cloud server freeze | |
| compute.server.unshelve cloud_compute.server.unshelve * | Cloud server unfreezing | |
| compute.server.trigger_crash_dump cloud_compute.server.trigger_crash_dump * | Running a cloud server crash dump | |
| compute.server.create_serial_console cloud_compute.server.create_serial_console * | Creating a Cloud Server Serial Console | |
| compute.server.create_spice_console cloud_compute.server.create_spice_console * | Creating a SPICE console of a cloud server | |
| compute.server.create_vnc_console cloud_compute.server.create_vnc_console * | Creating a cloud server VNC console | |
| compute.server.create_rdp_console cloud_compute.server.create_rdp_console * | Creating a cloud server RDP console | |
| compute.server.create_console cloud_compute.server.create_console * | Creating a cloud server console | |
| compute.server.create_metadata cloud_compute.server.create_metadata * | Creating cloud server metadata | |
| compute.server.update_metadata cloud_compute.server.update_metadata * | Updating cloud server metadata | |
| compute.server.update_metadata_item cloud_compute.server.update_metadata_item * | Updating the cloud server metadata property | |
| compute.server.delete_metadata_item cloud_compute.server.delete_metadata_item * | Deleting a cloud server metadata property | |
| compute.server.attach_interface cloud_compute.server.attach_interface * | Creating an interface and connecting it to the cloud server | |
| compute.server.detach_interface cloud_compute.server.detach_interface * | Disconnecting the interface from the cloud server | |
| compute.server.clear_admin_password cloud_compute.server.clear_admin_password * | Resetting the OS administrator password from the metadata server | |
| compute.server.attach_volume cloud_compute.server.attach_volume * | Connecting a network drive to a cloud server | |
| compute.server.detach_volume cloud_compute.server.detach_volume * | Disconnecting a network drive from a cloud server | |
| compute.server.update_volume_attachment cloud_compute.server.update_volume_attachment * | Updates information about the disk connection to the cloud server | |
| compute.server.replace_all_tags cloud_compute.server.replace_all_tags * | Replacing the cloud server tag set | |
| compute.server.add_tag cloud_compute.server.add_tag * | Adding a tag to a cloud server | |
| compute.server.delete_all_tags cloud_compute.server.delete_all_tags * | Deleting all cloud server tags | |
| compute.server.delete_tag cloud_compute.server.delete_tag * | Deleting the cloud server tag | |
| compute.server.leave_server_group cloud_compute.server.leave_server_group * | Removing a cloud server from a placement group | |
| Flavors | compute.flavor.create cloud_compute.flavor.create * | Creating a flavor |
| compute.flavor.delete cloud_compute.flavor.delete * | Flavor removal | |
| Accommodation groups | compute.server_group.create cloud_compute.server_group.create * | Creating a placement group |
| compute.server_group.delete cloud_compute.server_group.delete * | Deleting a placement group | |
| Public IP addresses | compute.floatingip.create cloud_compute.floatingip.create. * | Creating a public IP address |
| compute.floatingip.delete cloud_compute.floatingip.delete. * | Deleting a public IP address | |
| Network disks | compute.volume_attachment.create cloud_blockstorage.volume_attachment.create * | Creating a disk connection to a cloud server |
| compute.volume_attachment.delete cloud_blockstorage.volume_attachment.delete * | Removing a disk connection to a cloud server | |
| compute.volume_attachment.update cloud_blockstorage.volume_attachment.update * | Updating the disk connection to the cloud server | |
| compute.volume_attachment.complete cloud_blockstorage.volume_attachment.complete * | Marking the disk connection to the cloud server ready | |
| compute.volume_metadata.create cloud_blockstorage.volume_metadata.create * | Creating disk metadata | |
| compute.volume_metadata.delete cloud_blockstorage.volume_metadata.delete * | Delete disk metadata | |
| compute.volume_metadata.update_key cloud_blockstorage.volume_metadata.update_key * | Updating disk metadata by key | |
| compute.volume_metadata.update cloud_blockstorage.volume_metadata.update * | Updating disk metadata | |
| compute.volume.revert cloud_blockstorage.volume.revert * | Resetting a disk to a snapshot | |
| compute.volume_transfer.create cloud_blockstorage.volume_transfer.create * | Creating a disk move to another project | |
| compute.volume_transfer.delete cloud_blockstorage.volume_transfer.delete * | Deleting a disk move to another project | |
| compute.volume_transfer.update cloud_blockstorage.volume_transfer.update * | Confirming moving a disk to another project | |
| compute.volume.create_image cloud_blockstorage.volume.create_image * | Creating an image from a disk | |
| compute.volume.create cloud_compute.volume.create *cloud_blockstorage.volume.create * | Disk creation | |
| compute.volume.delete cloud_compute.volume.delete *cloud_blockstorage.volume.delete * | Disk removal | |
| compute.volume.read_image_metadata cloud_blockstorage.volume.read_image_metadata * | Reading image metadata for a disk | |
| compute.volume.update cloud_blockstorage.volume.update. * | Changing disk attributes (for example, renaming) | |
| compute.volume.attach cloud_blockstorage.volume.attach. * | Connecting a disk to a virtual machine | |
| compute.volume.detach cloud_blockstorage.volume.detach. * | Disconnecting a disk from a virtual machine | |
| compute.volume.extend cloud_blockstorage.volume.extend * | Increasing disk capacity | |
| compute.volume.reimage cloud_blockstorage.volume.reimage. * | Recreating a disk from an image | |
| compute.volume.detach_abort cloud_blockstorage.volume.detach_abort * | Changing the disk status to IN-USE | |
| compute.volume.detach_init cloud_blockstorage.volume.detach_init * | Changing the disk status to DETACHING | |
| compute.volume.attach_init cloud_blockstorage.volume.attach_init * | Initializing the drive connection to the cloud server | |
| compute.volume.reserve cloud_blockstorage.volume.reserve * | Backing up a disk to connect to a cloud server | |
| compute.volume.unreserve cloud_blockstorage.volume.unreserve * | Disk de-provisioning to connect to a cloud server | |
| compute.volume.update_readonly_mark cloud_blockstorage.volume.update_readonly_mark * | Transferring a disk to or from read-only mode | |
| compute.volume.update_bootable_mark cloud_blockstorage.volume.update_bootable_mark * | Changing the bootable label on a disk | |
| compute.volume.update_image_metadata cloud_blockstorage.volume.update_image_metadata * | Adding image metadata to a disk | |
| compute.volume.attach_terminate cloud_blockstorage.volume.attach_terminate * | Forcibly disconnecting a network disk from a cloud server | |
| compute.volume.delete_image_metadata cloud_blockstorage.volume.delete_image_metadata * | Delete image metadata from a disk by key | |
| Snapshots | compute.snapshot.create cloud_compute.snapshot.create *cloud_blockstorage.snapshot.create * | Creating a disk snapshot |
| compute.snapshot.delete cloud_compute.snapshot.delete *cloud_blockstorage.snapshot.delete * | Deleting a disk snapshot | |
| compute.snapshot.update cloud_blockstorage.snapshot.update * | Changing snapshot parameters (renaming) | |
| compute.snapshot.update_status cloud_blockstorage.snapshot.update_status * | Changing the status of a snapshot | |
| compute.snapshot_metadata.delete cloud_blockstorage.snapshot_metadata.delete * | Deleting snapshot metadata | |
| compute.snapshot_metadata.update_key cloud_blockstorage.snapshot_metadata.update_key * | Updating snapshot metadata by key | |
| compute.snapshot_metadata.create cloud_blockstorage.snapshot_metadata.create * | Creating snapshot metadata | |
| compute.snapshot_metadata.update cloud_blockstorage.snapshot_metadata.update * | Updating snapshot metadata | |
| Backups | compute.backup.create cloud_blockstorage.backup.create * | Creating a backup |
| compute.backup.create_ondemand cloud_blockstorage.backup.create_ondemand * | Creating backup by button (on_demand) | |
| compute.backup.delete cloud_blockstorage.backup.delete * | Deleting a backup | |
| compute.backup.restore cloud_blockstorage.backup.restore * | Restore from backup | |
| compute.backup.update cloud_blockstorage.backup.update * | Updating the backup | |
| Images | compute.image.create_metadata cloud_compute.image.create_metadata * | Creating image metadata |
| compute.image.update_metadata cloud_compute.image.update_metadata * | Updating image metadata | |
| compute.image.update_metadata_item cloud_compute.image.update_metadata_item * | Updating the image metadata property | |
| compute.image.delete_metadata_item cloud_compute.image.delete_metadata_item * | Deleting the image metadata property | |
| compute.image.create cloud_blockstorage.image.create * | Image creation | |
| compute.image.delete cloud_compute.image.delete *cloud_blockstorage.image.delete * | Deleting an image | |
| compute.image.update cloud_blockstorage.image.update * | Updating the image | |
| compute.image.upload cloud_blockstorage.image.upload. * | Loading an image from a file | |
| compute.image.deactivate cloud_blockstorage.image.deactivate * | Deactivating the image | |
| compute.image.reactivate cloud_blockstorage.image.reactivate * | Reactivating the image | |
| compute.image.import cloud_blockstorage.image.import. * | Downloading an image (e.g. from a link) | |
| compute.image_member.create cloud_blockstorage.image_member.create * | Requesting access to an image for another project | |
| compute.image_member.delete cloud_blockstorage.image_member.delete * | Deleting image access for another project | |
| compute.image_member.update cloud_blockstorage.image_member.update * | Updating the status of accessing an image from another project | |
| compute.image_tag.create cloud_blockstorage.image_tag.create * | Creating a tag for an image | |
| compute.image_tag.delete cloud_blockstorage.image_tag.delete * | Deleting a tag for an image | |
| compute.image.validate_url cloud_blockstorage.image.validate_url * | Validating the image before downloading by link | |
| compute.image.validate_file cloud_blockstorage.image.validate_file * | Validating the image before downloading from a file | |
| Security groups | compute.security_group.create cloud_compute.security_group.create * | Establishment of a security team |
| compute.security_group.update cloud_compute.security_group.update * | Updating the security group | |
| compute.security_group.delete cloud_compute.security_group.delete * | Deleting a security group | |
| compute.security_group_rule.create cloud_compute.security_group_rule.create * | Creating a rule in a safety group | |
| compute.security_group_rule.delete cloud_compute.security_group_rule.delete * | Deleting a rule in a security group |
* The event is deprecated and will soon cease to be recorded in audit logs.
Filestorage service
Responsible for file storage operations.
| Event name (event_type) | Description | |
|---|---|---|
| File storage | filestorage.access_rule_metadata.update cloud_filestorage.access_rule_metadata.update * | Modifying file storage access rule metadata |
| filestorage.access_rule_metadata.delete cloud_filestorage.access_rule_metadata.delete * | Deleting file storage access rule metadata | |
| filestorage.share_network.create cloud_filestorage.share_network.create * | Creating a network connection for file storage | |
| filestorage.share_network.delete cloud_filestorage.share_network.delete * | Removing the network for file storage | |
| filestorage.share_network.update cloud_filestorage.share_network.update * | Changing the network for file storage | |
| filestorage.share_network_subnet.create cloud_filestorage.share_network_subnet.create * | Creating a subnet for file storage | |
| filestorage.share_network_subnet.delete cloud_filestorage.share_network_subnet.delete * | Deleting a subnet for file storage | |
| filestorage.metadata.create cloud_filestorage.metadata.create * | Adding file storage metadata | |
| filestorage.metadata.update cloud_filestorage.metadata.update * | Changing file storage metadata | |
| filestorage.metadata.delete cloud_filestorage.metadata.delete * | Deleting a file storage metadata attribute | |
| filestorage.share.allow cloud_filestorage.share.allow * | Adding an access rule for file storage | |
| filestorage.share.deny cloud_filestorage.share.deny * | Deleting an access rule for file storage | |
| filestorage.share.create cloud_filestorage.share.create * | Creating file storage | |
| filestorage.share.delete cloud_filestorage.share.delete * | Deleting file storage | |
| filestorage.share.update cloud_filestorage.share.update * | Changing file storage attributes (e.g., renaming) | |
| filestorage.share.extend cloud_filestorage.share.extend * | Increasing file storage capacity | |
| filestorage.share.reload_network cloud_filestorage.share.reload_network * | Updating the file storage network settings | |
| filestorage.message.delete cloud_filestorage.message.delete * | Deleting a message |
* The event is deprecated and will soon cease to be recorded in audit logs.
Service secrets
Responsible for secrets in the secrets manager. Secrets can be managed via Secrets API.
| Event name (event_type) | Description | |
|---|---|---|
| Secrets | secrets.secret.create | Creating a secret |
| secrets.secret.update | Updating the description of the secret | |
| secrets.secret.get | Obtaining the secret | |
| secrets.secret.delete | Deleting all secrets in the project | |
| secrets.secret.delete | Secretion removal |
Service certificates
Responsible for certificates in the secret manager. User certificates can be managed through the User Certificates API, and Let's Encrypt® certificates can be managed through the Let's Encrypt® Certificates API.
| Event name (event_type) | Description | |
|---|---|---|
| Certificates | certificates.certificate.upload | Uploading a certificate |
| certificates.certificate.p12.get | Obtaining a key pair | |
| certificates.certificate.private_key.get | Obtaining a private key | |
| certificates.certificate.ca_chain.get | Obtaining CA bandle certificate chain | |
| certificates.certificate.delete | Deleting a certificate | |
| certificates.certificate_name.update | Certificate renewal | |
| certificates.le_certificate.issue | Let's Encrypt® certificate issuance | |
| certificates.le_certificate.delete | Removing a Let's Encrypt® certificate |
Logs service
Responsible for log operations.
| Event name (event_type) | Description | |
|---|---|---|
| Logs | logs.group.create | Creating a log group |
| logs.group.delete | Deleting a group of logs | |
| logs.stream.create | Creating an event stream | |
| logs.stream.delete | Deleting an event stream |
Audit_logs service
Responsible for audit-log operations.
| Event name (event_type) | Description | |
|---|---|---|
| Audit logs | audit_logs.audit_logs.download | Export of audit logs |
Global_router service
Responsible for global router operations.
| Event name (event_type) | Description | |
|---|---|---|
| Global router | global_router.router.create | Creating a router |
| global_router.router.update | Changing the router | |
| global_router.router.delete_init | Initializing router removal | |
| global_router.router.delete | Removing the router | |
| global_router.network.create | Creating a global router network | |
| global_router.network.update | Changing the global router network | |
| global_router.network.delete_init | Initializing global router network deletion | |
| global_router.network.delete | Removing the global router network | |
| global_router.subnet.create | Creating a global router subnet | |
| global_router.subnet.update | Changing the subnet of the global router | |
| global_router.subnet.delete_init | Initializing global router subnet deletion | |
| global_router.subnet.delete | Deleting a global router subnet | |
| global_router.static_route.create | Creating a global router route | |
| global_router.static_route.update | Changing the global router route | |
| global_router.static_route.delete_init | Initializing global router route deletion | |
| global_router.static_route.delete | Deleting a global router route |
Service mks
Responsible for operations on cluster, node groups, and Managed Kubernetes nodes.
| Event name (event_type) | Description | |
|---|---|---|
| Cluster | mks.cluster.init_create | Cluster creation (start of event) |
| mks.cluster.create | Cluster creation (end of event) | |
| mks.cluster.init_delete | Deleting a cluster (event start) | |
| mks.cluster.delete | Deleting a cluster (end of event) | |
| mks.cluster.init_update | Cluster update (start of event) | |
| mks.cluster.update | Cluster update (end of event) | |
| mks.cluster.init_upgrade_minor | Upgrading the minor version of the cluster (start of the event) | |
| mks.cluster.upgrade_minor | Upgrading the minor version of the cluster (end of event) | |
| mks.cluster.init_upgrade_patch | Cluster patch update (start of event) | |
| mks.cluster.upgrade_patch | Cluster patch update (end of event) | |
| mks.cluster_certs.init_rotate | Rotation of cluster certificates (start of event) | |
| mks.cluster_certs.rotate | Rotation of cluster certificates (end of event) | |
| Node group | mks.cluster_nodegroup.init_create | Creating a group of nodes (event start) |
| mks.cluster_nodegroup.create | Creating a group of nodes (event termination) | |
| mks.cluster_nodegroup.init_delete | Deleting a group of nodes (event start) | |
| mks.cluster_nodegroup.delete | Deleting a group of nodes (event termination) | |
| mks.cluster_nodegroup.init_update | Update node group (start of event) | |
| mks.cluster_nodegroup.update | Update node group (end of event) | |
| mks.cluster_nodegroup.init_resize | Changing the size of the node group (event start) | |
| mks.cluster_nodegroup.resize | Changing the size of the node group (event termination) | |
| Noda | mks.cluster_nodegroup_node.init_delete | Deleting a node (event start) |
| mks.cluster_nodegroup_node.delete | Deleting a node (event termination) | |
| mks.cluster_nodegroup_node.init_reinstall | Node reset (event start) | |
| mks.cluster_nodegroup_node.reinstall | Node reset (end of event) |