Logging and monitoring in IAM
Logging and monitoring play critical roles in Identity and Access Management (IAM) within Google Cloud Platform (GCP), providing visibility, auditability, and security for access control activities. IAM logging and monitoring enable organizations to track changes to permissions, monitor access attempts, and detect potential security threats in real-time.
Within GCP, IAM logging allows organizations to record and analyze events related to identity and access management, such as changes to IAM policies, role assignments, and authentication events.
Additionally, IAM logging helps organizations meet compliance requirements by providing an audit trail of access control activities.
Prerequisite
Hardware : GCP
Google Account
IAM logs every details of someone who is interacting with the GCP Console.
It is used to get the answers about the questions like “Who did it?”, “What they did?”, “When they did?”
To see the Audit Logs,
Open Menu > IAM & Admin > Audit Logs
It will show the Audit Logs.
Click on Default Audit Config
In the Log Type, select the Audit Logging options which you don’t want to generate. Click Save
It will disable the logging for the selected services.
Extempted users are the ones whose logging details are not generated.
Click on Extempted Users > Add Extempted User
Add the user mail-id. Select the Log Types. Click done and click save.