-
Notifications
You must be signed in to change notification settings - Fork 258
docs(audit-trail): add new product integration & supported endpoints #4670
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 6 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
4a553af
docs(adt): add new pdct integrations
nerda-codes 52cafda
docs(adt): add endpoint macros
nerda-codes 1e4f07d
docs(adt): add
nerda-codes 6c5a991
docs(adt): add supported endpts info in tab
nerda-codes dc2e0d4
docs(add): feedback cyril
nerda-codes 9d6a939
docs(adt): add k8s ip info
nerda-codes dc79565
docs(adt): date maj
nerda-codes 5389e73
docs(adt): date maj
nerda-codes ea52224
Update macros/audit-trail/iam-endpoints.mdx
nerda-codes 1ebe737
Update macros/audit-trail/iam-endpoints.mdx
nerda-codes File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| --- | ||
| macro: adt-iam-endpoints | ||
| --- | ||
|
|
||
| <Concept> | ||
| ## IAM | ||
|
|
||
| ### IAM supported endpoints | ||
|
|
||
| The following IAM endpoints are supported and will be logged in Audit Trail: | ||
|
|
||
| - CreateSSHKey (`POST /iam/v1alpha1/ssh-keys`) | ||
| - UpdateSSHKey (`PATCH /iam/v1alpha1/ssh-keys/{ssh_key_id}`) | ||
| - DeleteSSHKey (`DELETE /iam/v1alpha1/ssh-keys/{ssh_key_id}`) | ||
| - CreateGroup (`POST /iam/v1alpha1/groups`) | ||
| - UpdateGroup (`PATCH /iam/v1alpha1/groups/{group_id}`) | ||
| - DeleteGroup (`DELETE /iam/v1alpha1/groups/{group_id}`) | ||
| - AddGroupMember (`POST /iam/v1alpha1/groups/{group_id}/add-member`) | ||
| - AddGroupMembers (`POST /iam/v1alpha1/groups/{group_id}/add-members`) | ||
| - SetGroupMembers (`PUT /iam/v1alpha1/groups/{group_id}/members`) | ||
| - RemoveGroupMember (`POST /iam/v1alpha1/groups/{group_id}/remove-member`) | ||
| - CreateAPIKey (`POST /iam/v1alpha1/api-keys`) | ||
| - UpdateAPIKey (`PATCH /iam/v1alpha1/api-keys/{access_key}`) | ||
| - DeleteAPIKey (`DELETE /iam/v1alpha1/api-keys/{access_key}`) | ||
| - CreateUser (`POST /iam/v1alpha1/users`) | ||
| - UpdateUser (`PATCH /iam/v1alpha1/users/{user_id}`) | ||
| - DeleteUser (`DELETE /iam/v1alpha1/users/{user_id}`) | ||
| - LockMember (`POST /iam/v1alpha1/users/{user_id}/lock`) | ||
| - CreateMFAOTP (`POST /iam/v1alpha1/users/{user_id}/mfa-otp`) | ||
| - DeleteMFAOTP (`DELETE /iam/v1alpha1/users/{user_id}/mfa-otp`) | ||
| - UnlockMember (`POST /iam/v1alpha1/users/{user_id}/unlock`) | ||
| - UpdateUserPassword (`POST /iam/v1alpha1/users/{user_id}/update-password`) | ||
| - UpdateUserUsername (`POST /iam/v1alpha1/users/{user_id}/update-username`) | ||
| - ValidateMFAOTP (`POST /iam/v1alpha1/users/{user_id}/validate-mfa-otp`) | ||
| - CreateApplication (`POST /iam/v1alpha1/applications`) | ||
| - UpdateApplication (`PATCH /iam/v1alpha1/applications/{application_id}`) | ||
| - DeleteApplication (`DELETE /iam/v1alpha1/applications/{application_id}`) | ||
| - CreatePolicy (`POST /iam/v1alpha1/policies`) | ||
| - UpdatePolicy (`PATCH /iam/v1alpha1/policies/{policy_id}`) | ||
| - DeletePolicy (`DELETE /iam/v1alpha1/policies/{policy_id}`) | ||
| - ClonePolicy (`POST /iam/v1alpha1/policies/{policy_id}/clone`) | ||
| - SetRules (`PUT /iam/v1alpha1/rules`) | ||
|
|
||
nerda-codes marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| ### Additional information | ||
|
|
||
| Refer to the [IAM dedicated documentation](link) for more information related to the IAM and Audit Trail integration. | ||
nerda-codes marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
nerda-codes marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
| </Concept> | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| --- | ||
| macro: adt-key-manager-endpoints | ||
| --- | ||
|
|
||
| <Concept> | ||
| ## Key Manager | ||
|
|
||
| ### Key Manager supported endpoints | ||
|
|
||
| The following Key Manager endpoints are supported and will be logged in Audit Trail: | ||
|
|
||
| - CreateKey (`POST /key-manager/v1alpha1/regions/{region}/keys`) | ||
| - UpdateKey (`PATCH /key-manager/v1alpha1/regions/{region}/keys/{key_id}`) | ||
| - DeleteKey (`DELETE /key-manager/v1alpha1/regions/{region}/keys/{key_id}`) | ||
| - ProtectKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/protect`) | ||
| - UnprotectKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/unprotect`) | ||
| - RotateKey (Manual rotation) (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/rotate`) | ||
| - DisableKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/disable`) | ||
| - EnableKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/enable`) | ||
| - ImportKeyMaterial (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/import-key-material`) | ||
| - DeleteKeyMaterial (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/delete-key-material`) | ||
| </Concept> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| --- | ||
| macro: adt-kubernetes-endpoints | ||
| --- | ||
|
|
||
| <Concept> | ||
| ## Kubernetes | ||
|
|
||
| ### Kubernetes supported endpoints | ||
|
|
||
| The following Kubernetes endpoints are supported and will be logged in Audit Trail: | ||
|
|
||
| - Create a new cluster (`POST /k8s/v1/regions/{region}/clusters`) | ||
| - Update a cluster (`PATCH /k8s/v1/regions/{region}/clusters/{cluster_id}`) | ||
| - Delete a cluster (`DELETE /k8s/v1/regions/{region}/clusters/{cluster_id}`) | ||
| - Migrate a cluster to SBS CSI (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/migrate-to-sbs-csi`) | ||
nerda-codes marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| - Reset the admin token of a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/reset-admin-token`) | ||
| - Change the cluster type (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/set-type`) | ||
| - Upgrade a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/upgrade`) | ||
| - Create a new pool in a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/pools`) | ||
| - Update a pool in a cluster (`PATCH /k8s/v1/regions/{region}/pools/{pool_id}`) | ||
| - Delete a pool in a cluster (`DELETE /k8s/v1/regions/{region}/pools/{pool_id}`) | ||
| - Upgrade a pool in a cluster (`POST /k8s/v1/regions/{region}/pools/{pool_id}/upgrade`) | ||
| - Delete a node in a cluster (`DELETE /k8s/v1/regions/{region}/nodes/{node_id}`) | ||
| - Reboot a node in a cluster (`POST /k8s/v1/regions/{region}/nodes/{node_id}/reboot`) | ||
| - Create a Kosmos node (`POST /k8s/v1/regions/{region}/pools/{pool_id}/external-nodes`) | ||
| - Delete an existing ACL (`DELETE /k8s/v1/regions/{region}/acls/{acl_id}`) | ||
| - Add new ACLs (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/acls`) | ||
| - Set new ACLs (`PUT /k8s/v1/regions/{region}/clusters/{cluster_id}/acls`) | ||
|
|
||
| ### Additional information | ||
|
|
||
| IP addresses are not logged in Audit Trail for Kubernetes events due to security considerations. | ||
| </Concept> | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| --- | ||
| macro: adt-secret-manager-endpoints | ||
| --- | ||
|
|
||
| <Concept> | ||
| ## Secret Manager | ||
|
|
||
| ### Secret Manager supported endpoints | ||
|
|
||
| The following Secret Manager endpoints are supported and will be logged in Audit Trail: | ||
|
|
||
| - Create a secret (`POST /secret-manager/v1beta1/regions/{region}/secrets`) | ||
| - Update metadata of a secret (`PATCH /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}`) | ||
| - Delete a secret (`DELETE /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}`) | ||
| - Allow a product to use the secret (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/add-owner`) | ||
| - Enable secret protection (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/protect`) | ||
| - Disable secret protection (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/unprotect`) | ||
| - Create a version (`/secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions`) | ||
| - Update metadata of a version (`PATCH /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}`) | ||
| - Delete a version (`DELETE /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}`) | ||
| - Disable a version (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}/disable`) | ||
| - Enable a version (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}/disable`) | ||
| </Concept> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
28 changes: 28 additions & 0 deletions
28
pages/audit-trail/reference-content/adt-supported-endpoints.mdx
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| --- | ||
| meta: | ||
| title: Supported endpoints for Audit Trail | ||
| description: Discover current Scaleway product integrations and endpoints supported in Audit Trail for event tracking. | ||
| content: | ||
| h1: Supported endpoints for Audit Trail | ||
| paragraph: Discover current Scaleway product integrations and endpoints supported in Audit Trail for event tracking. | ||
| tags: audit-trail product-integration products endpoints | ||
| dates: | ||
| validation: 2025-03-20 | ||
| posted: 2025-03-20 | ||
| categories: | ||
| - identity-and-access-management | ||
| --- | ||
|
|
||
| This page provides information on the specific endpoints logged in [Audit Trail](/audit-trail/) for Scaleway products. Refer to the [dedicated documentation](/audit-trail/reference-content/resource-integration-with-adt/) for a list of Scaleway products integrated with Audit Trail. | ||
|
|
||
|
|
||
| <Macro id="adt-iam-endpoints" /> | ||
|
|
||
|
|
||
| <Macro id="adt-key-manager-endpoints" /> | ||
|
|
||
|
|
||
| <Macro id="adt-kubernetes-endpoints" /> | ||
|
|
||
|
|
||
| <Macro id="adt-secret-manager-endpoints" /> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.