Events in audit logs

Last update: July 31 2025

In audit logs, an event is a record of a create, modify, or delete operation with resources and entities.Also, reads of sensitive data — passwords, certificates, and so on — are recorded in audit logs.

An event has a fixed structure and can be of different types.

Event structure

The event has a JSON structure:

{
  "event_saved_time": "string",
  "event_id": "string",
  "event_type": "string",
  "event_time": "string",
  "status": "string",
  "error_code": "string",
  "request_id": "string",
  "subject": {
    "subject_id": "string",
    "subject_type": "string",
    "subject_name": "string",
    "subject_auth_provider": "string",
    "subject_is_authorized": boolean,
    "subject_authorized_by": ["string", "string"],
    "subject_credentials_fingerprint": "string"
  },
  "resource": {
    "resource_id": "string",
    "resource_type": "string",
    "resource_name": "string",
    "resource_account_id": "string",
    "resource_project_id": "string",
    "resource_location": "string",
    "resource_changes_old_values": {},
    "resource_changes_new_values": {}
    }
  },
  "source_type": {"string"},
  "request": {
    "request_remote_address": "string",
    "request_user_agent": "string",
    "request_type": "string",
    "request_path": "string",
    "request_method": "string",
    "request_parameters": "string"
  },
  "schema_version": "1.0"
}

Some fields are optional and may not be present in the event.Also, some fields have reserved values.

Event Fields

Field	Description	Data type	Mandatory
event_id	Unique event identifier	String	✓
event_type	Event type, the full list can be found in the Event Types subsection	String	✓
event_time	Event time in ISO8601 format with timezone	String	✓
event_saved_time	Time of event saving in audit logs in ISO8601 format with timezone	String	✓
status	Event Status. Possible values: I don't know; fail; I'm sorry; NA (not applicable) — none of the statuses are applicable to the event	String	✓
error_code	Error code	String	✗
request_id	Unique event chain identifier or request identifier	String	✓
subject	Information about the subject — service or user who performed the operation	Object	✓
subject_id	Unique identifier of the subject of the action. Example formats: 12345_13423; 3112f9b7aec64fe49700c7cd0f5f6ddc. With subject_id you can identify the user.If the value could not be retrieved, undefined will be specified	String	✓
subject_type	Subject Type. Possible values: employee — Selectel employee; user — control panel user; service_user — service user; service — Selectel service	String	✓
subject_name	Subject Name	String	✗
subject_auth_provider	The authentication provider of the subject. Possible values: keystone — IAM token; api_key — static token; session — session identifier	String	✗
subject_is_authorized	Authorization result	Logical	✓
subject_authorized_by	A set of roles and other authorization attributes with which the request was authorized	Array of strings	✗
subject_credentials_fingerprint	The fingerprint of the secret with which the request was authorized	String	✗
resource	The object of an action is an entity on which the subject performed an operation. The object can be a resource (server, disk), user, role, account, etc.	Object	✓
resource_id	Unique object identifier	String	✓
resource_type	Type of object	String	✓
resource_name	Object Name	String	✗
resource_account_id	Account ID	String	✓
resource_project_id	Project ID	String	✗
resource_location	The data center, availability zone, or pool in which the subject is located	String	✗
resource_changes	Changes that have occurred to the subject	Object	✗
resource_changes_old_values	Set of old values of subject attributes	Object	✗
resource_changes_new_values	Set of new values of subject attributes	Object	✓
source	The service that recorded the change	Object	✓
source_type	The name of the product, service or service in which the event occurred	String	✓
request	Request information	Object	✓
request_remote_address	IP address from which the request came	String	✗
request_user_agent	User Agent of the event subject	String	✗
request_type	Query Type. Possible values: http; grpc; queue; internal	String	✓
request_path	Path to the resource where the event occurred	String	✗
request_method	Query method	String	✗
request_parameters	Query parameters	String	✗
schema_version	Fixed value — 1.0	String	✓

Reserved values

If the value of a field cannot be determined by the log source services — for example, if an error occurred during the execution of an action, or if the object has not yet been created and there is no resource_id — the reserved value undefined is used .

It can be specified by the fields:

• subject_id;
• subject_type;
• resource_id;
• resource_type;
• resource_account_id.

Event types (event_type)

In Audit Logs, event types are grouped by services that are responsible for different parts of the products.With services, you can filter events in the log upload through the dashboard and Audit Logs API.

The list of products that support audit logs, services, and event types will continue to grow.

Product or management area	Services
Account, users, projects and accesses	iam
Billing, payment information	legal billing
Cloud platform	cloud_network quota_management cloud_compute cloud_blockstorage cloud_filestorage cloud_load_balancer
The manager of secrets	secrets certificates
Logging Platform	logs
Audit logs	audit_logs
Global router	global_router

iam service

Responsible for operations in the account, with users, projects and accesses.Some of them (e.g. users and their keys) can be managed through the IAM API.

	Event name (event_type)	Description
Account *	iam.account.init_action	Authentication when performing certain actions. Contains information about the subject. Combined with the main event through the request_id field
	iam.account.email_confirmation	Confirmation of e-mail address when registering an account
	iam.account.phone_confirmation	Confirmation of phone number when registering an account
	iam.account.fill	Filling in account details
	iam.account.delete	Account Deletion
	iam.account.update	Changing account details
Account Login	iam.user.login	User login to the account
	iam.user_password.check	User password entry
	iam.user.logout	Log the user out of the account
	iam.user_2fa_code.verify	2FA entry attempt
	iam.user_session.reset_all_other	Reset all sessions except the current session
	iam.user_session.reset_all_within_browser	Log out of all accounts to which you are logged in in the browser
	iam.user_session.reset_all	Forced session termination by the system
Password	iam.user_password.reset_request	Request an e-mail with a link to reset the password
	iam.user_password.reset_apply	Resetting a password and creating a new password
	iam.user_password.update	Password change
Two-factor authentication	iam.user_2fa.enable	Enabling two-factor authentication
	iam.user_2fa.disable	Turning off two-factor authentication
	iam.user_2fa_code.send	Requesting a two-factor authentication code
	iam.user_2fa_backup_codes.create	Creating backup codes
	iam.user_2fa_otp.enable	Connecting login via an authenticator application
	iam.user_2fa_email.enable	Connecting login via e-mail
	iam.user_2fa_sms.enable	Connecting login via SMS
	iam.user_2fa_backup_codes.enable	Connecting the input using backup codes and creating them
	iam.user_2fa_otp.disable	Disabling logging in via an authenticator application
	iam.user_2fa_email.disable	Disabling login via email
	iam.user_2fa_sms.disable	Disabling login via SMS
Control panel users *	iam.user_profile.create	Creating a new user profile
	iam.user.email_confirmation	New user registration via the link from the invitation letter
	iam.federated_user_profile.create	Creating a federated user profile
	iam.user.phone_confirmation	Confirming phone number when registering a new user
	iam.user_profile.fill	Filling in the user's profile data
	iam.user_profile.update	User updates his profile data
	iam.federated_user_profile.update	Updating federated user profile data
	iam.user_profile.delete	Deleting a user profile
	iam.federated_user_profile.delete	Deleting a federated user profile
	iam.user_subscription.add	Adding a notification category to a user
	iam.user_subscription.delete	Deleting a user's notification category
	iam.user.create	Creating a control panel user
	iam.user.delete	Deleting a control panel user
	iam.user_role.add	Assigning roles to a control panel user
	iam.user_role.remove	Deleting roles from a control panel user
	iam.user_group.add	Assigning groups to a control panel user
	iam.user_group.remove	Deleting groups from a control panel user
Service users	iam.service_user.create	Creating a service user
	iam.service_user.update	Service user update
	iam.service_user.delete	Deleting a service user
	iam.service_user_role.add	Assigning roles to the service user
	iam.service_user_role.remove	Deleting roles from a service user
	iam.service_user_group.add	Assigning groups to a service user
	iam.service_user_group.remove	Deleting groups from a service user
User group	iam.group.create	Creating a user group
	iam.group.update	Updating a user group
	iam.group.delete	Deleting a user group
	iam.group_user.add	Adding users to a group
	iam.group_user.remove	Deleting users from a group
	iam.group_role.add	Assigning roles to a user group
	iam.group_role.remove	Deleting roles from a group of users
Federations	iam.federation.create	Establishment of a federation
	iam.federation.update	Changing the federation
	iam.federation.delete	Removal of the federation
	iam.federation_cert.create	Creating a federation certificate
	iam.federation_cert.update	Updating the federation certificate
	iam.federation_cert.delete	Deleting a federation certificate
Projects	iam.project.create	Project Creation
	iam.project.update	Project Update
	iam.project_domain.detach	Deleting a project domain
	iam.project.delete	Deleting a project
IAM tokens	iam.auth_token.create	Issuance of IAM token
	iam.auth_token.delete	Revocation of IAM token
S3 keys	iam.user_credentials.add	Creating an S3 key for the control panel user
	iam.user_credentials.remove	Deleting an S3 key from a control panel user
	iam.service_user_credential.add	Creating an S3 key for a service user
	iam.service_user_credential.remove	Deleting the S3 key from a service user
Static tokens	iam.api_key.create	Creating a static token
	iam.api_key.update	Updating a static token
	iam.api_key.enable	Activating a static token
	iam.api_key.disable	Deactivating a static token
	iam.api_key.delete	Deleting a static token
ACL	iam.acl.enable	Enabling ACLs
	iam.acl.disable	Turning off ACLs
	iam.acl_ip.create	Creating an ACL rule
	iam.acl_ip.delete	Deleting an ACL rule

* In these events, detailed information about the subject is provided in a paired authentication event.In it, events with type iam.account.init_action are combined with the main event via the request_id.

Service legal

Responsible for transactions with the contract customer, the paying party.

	Event name (event_type)	Description
Customer under the contract	legal.payer.create	Creation of a customer
	legal.payer.update	Updating customer data
	legal.payer.reorganization	Reorganization of the customer's company

Billing service

Responsible for transactions that occur with resources when resources are deferred, unpaid, or repaid.

In billing service events, detailed information about the subject is provided in the paired authentication event.In it, events with type iam.account.init_action are combined with the main event via the request_id field.

	Event name (event_type)	Description
Cloud platform financial signals	billing.block_signal.apply	Blocking a resource
	billing.unblock_signal.apply	Unlocking a resource
	billing.restrict_signal.apply	Restricting access to the resource
	billing.unrestrict_signal.apply	Removing restrictions on access to the resource
	billing.delete_signal.apply	Deleting a resource
Deferred payment	billing.soft_grace_policy.enable	Connection of deferred payment
	billing.soft_grace_policy.disable	Disabling deferred payment
	billing.soft_grace_signal.apply	Activation of deferred payment
	billing.unsoft_grace_signal.apply	Completion of active deferred payment arrangements

Cloud_network service

Responsible for cloud platform network operations.

	Event name (event_type)	Description
Public subnets	cloud_network.subnet.create	Creating a public subnet
	cloud_network.subnet.update	Changing the public subnet
	cloud_network.subnet.delete	Deleting a public subnet
	cloud_network.subnet.init_create	Adding a public subnet to the project
	cloud_network.subnet.init_delete	Removing a public subnet from the project
Subnetwork pools	cloud_network.subnetpool.create	Creating a subnetwork pool
	cloud_network.subnetpool.update	Changing the subnet pool
	cloud_network.subnetpool.delete	Deleting a subnetwork pool
Address spaces	cloud_network.address_scope.create	Creating an address space
	cloud_network.address_scope.update	Changing the address space
	cloud_network.address_scope.delete	Address space deletion
Address groups	cloud_network.address_group.create	Creating an address group
	cloud_network.address_group.update	Changing the address group
	cloud_network.address_group.delete	Deleting an address group
Public IP addresses	cloud_network.floatingip.create	Creating a public IP address
	cloud_network.floatingip.update.	Changing the public IP address (including assigning to a port or disconnecting from a port)
	cloud_network.floatingip.delete	Deleting a public IP address
	cloud_network.floatingip.init_create	Adding a public IP address to the project
	cloud_network.floatingip.init_delete	Removing a public IP address from the project
Ports	cloud_network.port.create	Creating a port
	cloud_network.port.update	Port change
	cloud_network.port.delete	Port removal
	cloud_network.port_forwarding.create	Creating a port forwarder
	cloud_network.port_forwarding.update	Changing port forwarding
	cloud_network.port_forwarding.delete	Removing port forwarding
Networks	cloud_network.network.create	Networking
	cloud_network.network.update	Network change
	cloud_network.network.delete	Network removal
Routers	cloud_network.router.create	Creating a router
	cloud_network.router.update	Changing the router
	cloud_network.router.delete	Removing the router
	cloud_network.router.add_router_interface	Connecting a port or subnet to the router
	cloud_network.router.remove_router_interface	Disconnecting a port or subnet from the router
Security groups	cloud_network.security_group.create	Establishment of a security team
	cloud_network.security_group.update	Changing the security group
	cloud_network.security_group.delete	Deleting a security group
	cloud_network.security_group_rule.create	Creating a safety group rule
	cloud_network.security_group_rule.delete	Deletion of the security group rule
Resource access policies	cloud_network.rbac_policy.create	Creating an access policy
	cloud_network.rbac_policy.update	Changing the access policy
	cloud_network.rbac_policy.delete	Deleting an access policy
Cloud firewalls	cloud_network.firewall.create	Creating a firewall
	cloud_network.firewall.update	Changing the firewall
	cloud_network.firewall.delete	Uninstalling the firewall
	cloud_network.firewall_rule.create	Creating a firewall rule
	cloud_network.firewall_rule.delete	Deleting a firewall rule
	cloud_network.firewall_rule.update	Firewall rule change
	cloud_network.firewall_policy.create	Creating a firewall policy
	cloud_network.firewall_policy.update	Changing the firewall policy
	cloud_network.firewall_policy.delete	Deleting a firewall policy

Service quota_manager

Responsible for project quota operations.Quotas can be managed via Quota Management API.

	Event name (event_type)	Description
quotas	quota_manager.project.update	Updating quotas

Cloud_compute service

Responsible for cloud server operations.

	Event name (event_type)	Description
SSH keys (keypairs)	cloud_compute.keypair.bulk_create	Creating a key pair (bulk operation)
	cloud_compute.keypair.bulk_delete	Deleting a key pair (bulk operation)
	cloud_compute.keypair.create	Creating or importing a key pair
	cloud_compute.keypair.delete	Deleting a key pair
Cloud servers	cloud_compute.server.init_delete	Initializing cloud server deletion
	cloud_compute.server.init_rebuild	Initializing cloud server recreation
	cloud_compute.server.create	Creating a cloud server
	cloud_compute.server.update	Updating cloud server information
	cloud_compute.server.delete	Deleting a cloud server (in soft mode)
	cloud_compute.server.add_floatingip	Adding a public IP address to a cloud server
	cloud_compute.server.remove_floatingip	Disconnecting a public IP address from a cloud server
	cloud_compute.server.add_fixedip	Adding a fixed IP address to a cloud server
	cloud_compute.server.remove_fixedip	Disconnecting a fixed IP address from a cloud server
	cloud_compute.server.add_security_group	Adding a security group to a cloud server
	cloud_compute.server.remove_security_group	Disconnecting the security group from the cloud server
	cloud_compute.server.set_admin_password	Changing the cloud server OS administrator password
	cloud_compute.server.resize	Starting a cloud server configuration change
	cloud_compute.server.confirm_resize	Confirming a cloud server configuration change
	cloud_compute.server.revert_resize	Cancel cloud server configuration changes
	cloud_compute.server.create_backup	Creating a cloud server backup
	cloud_compute.server.create_image	Creating a cloud server disk image
	cloud_compute.server.lock	Cloud server blocking
	cloud_compute.server.unlock.	Unlocking a cloud server
	cloud_compute.server.pause	Pausing the cloud server
	cloud_compute.server.unpause	Pausing a cloud server
	cloud_compute.server.reboot	Cloud server reboot
	cloud_compute.server.rebuild	Cloud server rebuild
	cloud_compute.server.rescue	Starting Rescue mode for a cloud server
	cloud_compute.server.unrescue	Taking the cloud server out of Rescue mode
	cloud_compute.server.start	Enabling the cloud server
	cloud_compute.server.stop	Shutting down the cloud server
	cloud_compute.server.get_console_output	Cloud Server Output Console Query
	cloud_compute.server.shelve	Cloud server freeze
	cloud_compute.server.unshelve	Cloud server unfreezing
	cloud_compute.server.trigger_crash_dump	Running a cloud server crash dump
	cloud_compute.server.create_serial_console	Creating a Cloud Server Serial Console
	cloud_compute.server.create_spice_console	Creating a SPICE console of a cloud server
	cloud_compute.server.create_vnc_console	Creating a cloud server VNC console
	cloud_compute.server.create_rdp_console	Creating a cloud server RDP console
	cloud_compute.server.create_console	Creating a cloud server console
	cloud_compute.server.create_metadata	Creating cloud server metadata
	cloud_compute.server.update_metadata	Updating cloud server metadata
	cloud_compute.server.update_metadata_item	Updating the cloud server metadata property
	cloud_compute.server.delete_metadata_item	Deleting a cloud server metadata property
	cloud_compute.server.attach_interface	Creating an interface and connecting it to the cloud server
	cloud_compute.server.detach_interface	Disconnecting the interface from the cloud server
	cloud_compute.server.clear_admin_password	Resetting the OS administrator password from the metadata server
	cloud_compute.server.attach_volume	Connecting a network drive to a cloud server
	cloud_compute.server.detach_volume	Disconnecting a network drive from a cloud server
	cloud_compute.server.update_volume_attachment	Updates information about the disk connection to the cloud server
	cloud_compute.server.replace_all_tags	Replacing the cloud server tag set
	cloud_compute.server.add_tag	Adding a tag to a cloud server
	cloud_compute.server.delete_all_tags	Deleting all cloud server tags
	cloud_compute.server.delete_tag	Deleting the cloud server tag
	cloud_compute.server.leave_server_group	Removing a cloud server from a placement group
Flavors	cloud_compute.flavor.create	Creating a flavor
	cloud_compute.flavor.delete	Flavor removal
Accommodation groups	cloud_compute.server_group.create	Creating a placement group
	cloud_compute.server_group.delete	Deleting a placement group
Public IP addresses	cloud_compute.floatingip.create.	Creating a public IP address
	cloud_compute.floatingip.delete.	Deleting a public IP address
Network disks	cloud_compute.volume.create	Creating a network disk
	cloud_compute.volume.delete	Deleting a network drive
Snapshots	cloud_compute.snapshot.create	Creating a network disk snapshot
	cloud_compute.snapshot.delete	Deleting a network drive snapshot
Images	cloud_compute.image.delete	Deleting an image
	cloud_compute.image.create_metadata	Creating image metadata
	cloud_compute.image.update_metadata	Updating image metadata
	cloud_compute.image.update_metadata_item	Updating the image metadata property
	cloud_compute.image.delete_metadata_item	Deleting the image metadata property
Security groups	cloud_compute.security_group.create	Establishment of a security team
	cloud_compute.security_group.update	Updating the security group
	cloud_compute.security_group.delete	Deleting a security group
	cloud_compute.security_group_rule.create	Creating a rule in a safety group
	cloud_compute.security_group_rule.delete	Deleting a rule in a security group

Cloud_blockstorage service

Responsible for cloud server network disk operations.

	Event name (event_type)	Description
Network disks	cloud_blockstorage.volume_attachment.create	Creating a disk connection to a cloud server
	cloud_blockstorage.volume_attachment.delete	Removing a disk connection to a cloud server
	cloud_blockstorage.volume_attachment.update	Updating the disk connection to the cloud server
	cloud_blockstorage.volume_attachment.complete	Marking the disk connection to the cloud server ready
	cloud_blockstorage.volume_metadata.create	Creating disk metadata
	cloud_blockstorage.volume_metadata.update	Updating disk metadata
	cloud_blockstorage.volume_metadata.update_key	Updating disk metadata by key
	cloud_blockstorage.volume_metadata.delete	Delete disk metadata
	cloud_blockstorage.volume.revert	Resetting a disk to a snapshot
	cloud_blockstorage.quota.update	Updating project quotas (disks, snapshots, etc.)
	cloud_blockstorage.volume_transfer.create	Creating a disk move to another project
	cloud_blockstorage.volume_transfer.delete	Deleting a disk move to another project
	cloud_blockstorage.volume_transfer.update	Confirming moving a disk to another project
	cloud_blockstorage.volume.create_image	Creating an image from a disk
	cloud_blockstorage.volume.create	Disk creation
	cloud_blockstorage.volume.delete	Disk removal
	cloud_blockstorage.volume.read_image_metadata	Reading image metadata for a disk
	cloud_blockstorage.volume.delete_forced	Forced disk removal
	cloud_blockstorage.volume.read_metadata	Reading disk metadata
	cloud_blockstorage.volume.update	Changing disk attributes (for example, renaming)
	cloud_blockstorage.volume.attach	Connecting the disk to a cloud server
	cloud_blockstorage.volume.detach	Disconnecting the disk from the cloud server
	cloud_blockstorage.volume.detach_forced	Forcing the disk to disconnect from the cloud server
	cloud_blockstorage.volume.extend	Increasing disk capacity
	cloud_blockstorage.volume.reimage	Recreating a disk from an image
	cloud_blockstorage.volume.detach_abort	Changing the disk status to IN-USE
	cloud_blockstorage.volume.detach_init	Initializing the change of disk status to detaching
	cloud_blockstorage.volume.attach_init	Initializing the drive connection to the cloud server
	cloud_blockstorage.volume.reserve	Backing up a disk to connect to a cloud server
	cloud_blockstorage.volume.unreserve	Disk de-provisioning to connect to a cloud server
	cloud_blockstorage.volume.update_readonly_mark	Transferring a disk to or from read-only mode
	cloud_blockstorage.volume.update_bootable_mark	Changing the bootable label on a disk
	cloud_blockstorage.volume.update_image_metadata	Adding image metadata to a disk
	cloud_blockstorage.volume.update_metadata	Adding records to disk metadata
	cloud_blockstorage.volume.update_status	Changing the status of a network drive
	cloud_blockstorage.volume.attach_terminate	Forcibly disconnecting a network drive from a cloud server
	cloud_blockstorage.volume.delete_metadata	Delete keyed records from disk metadata
	cloud_blockstorage.volume.delete_image_metadata	Delete image metadata from a disk by key
Snapshots	cloud_blockstorage.snapshot.create	Creating a disk snapshot
	cloud_blockstorage.snapshot.update	Changing snapshot parameters (renaming)
	cloud_blockstorage.snapshot.delete	Deleting a disk snapshot
	cloud_blockstorage.snapshot.update_status	Changing the status of a snapshot
	cloud_blockstorage.snapshot_metadata.create	Creating snapshot metadata
	cloud_blockstorage.snapshot_metadata.update	Updating snapshot metadata
	cloud_blockstorage.snapshot_metadata.update_key	Updating snapshot metadata by key
	cloud_blockstorage.snapshot_metadata.delete	Deleting snapshot metadata
Backups	cloud_blockstorage.backup.create	Creating a backup
	cloud_blockstorage.backup.create_ondemand	Creating backup by button (on_demand)
	cloud_blockstorage.backup.delete	Deleting a backup
	cloud_blockstorage.backup.delete_forced	Forced deletion of backup
	cloud_blockstorage.backup.restore	Restore from backup
	cloud_blockstorage.backup.update	Updating the backup
	cloud_blockstorage.backup.reset_status	Resetting the backup status
Images	cloud_blockstorage.image.create	Image creation
	cloud_blockstorage.image.delete	Deleting an image
	cloud_blockstorage.image.update	Updating the image
	cloud_blockstorage.image.upload	Uploading an image
	cloud_blockstorage.image.deactivate	Deactivating the image
	cloud_blockstorage.image.reactivate	Reactivating the image
	cloud_blockstorage.image.import	Downloading an image (e.g. from a link)
	cloud_blockstorage.image_member.create	Requesting access to an image for another project
	cloud_blockstorage.image_member.delete	Deleting image access for another project
	cloud_blockstorage.image_member.update	Update the status of accessing an image from another project
	cloud_blockstorage.image_tag.create	Creating a tag for an image
	cloud_blockstorage.image_tag.delete	Deleting a tag for an image
	cloud_blockstorage.image.validate_url	Validating the image before downloading by link
	cloud_blockstorage.image.validate_file	Validating the image before downloading from a file

Cloud_filestorage service

Responsible for file storage operations.

	Event name (event_type)	Description
File storage	cloud_filestorage.access_rule_metadata.update	Modifying file storage access rule metadata
	cloud_filestorage.access_rule_metadata.delete	Deleting file storage access rule metadata
	cloud_filestorage.share_network.create	Creating a network connection for file storage
	cloud_filestorage.share_network.delete	Removing the network for file storage
	cloud_filestorage.share_network.update	Changing the network for file storage
	cloud_filestorage.share_network_subnet.create	Creating a subnet for file storage
	cloud_filestorage.share_network_subnet.delete	Deleting a subnet for file storage
	cloud_filestorage.metadata.create	Adding file storage metadata
	cloud_filestorage.metadata.update	Changing file storage metadata
	cloud_filestorage.metadata.delete	Deleting a file storage metadata attribute
	cloud_filestorage.share.allow	Adding an access rule for file storage
	cloud_filestorage.share.deny	Deleting an access rule for file storage
	cloud_filestorage.share.create	Creating file storage
	cloud_filestorage.share.delete	Deleting file storage
	cloud_filestorage.share.update	Changing file storage attributes (e.g., renaming)
	cloud_filestorage.share.extend	Increasing file storage capacity
	cloud_filestorage.share.reload_network	Updating the file storage network settings
	cloud_filestorage.message.delete	Deleting a message

Cloud_load_balancer service

Responsible for operations with cloud load balancers.

	Event name (event_type)	Description
Load balancer	cloud_load_balancer.load_balancer.create	Creating a balancer
	cloud_load_balancer.load_balancer.update	Changing the balancer
	cloud_load_balancer.load_balancer.delete	Removing the balancer
	cloud_load_balancer.load_balancer.failover	Starting the rebuild of the balancer
	cloud_load_balancer.load_balancer_log_offloading.update	Control of balancer log unloading
	cloud_load_balancer.load_balancer_log_offloading.delete	Disabling balancer log upload
	cloud_load_balancer.member.create	Creating a Pool Member balancer
	cloud_load_balancer.member.update	Changing the Pool Member of the balancer
	cloud_load_balancer.member.delete	Removing the Pool Member balancer
	cloud_load_balancer.pool.create	Creating a balancer task force
	cloud_load_balancer.pool.update	Changing the balancer's target group
	cloud_load_balancer.pool.delete	Deleting a balancer target group
	cloud_load_balancer.listener.create	Creating a balancer rule
	cloud_load_balancer.listener.update	Balancer rule change
	cloud_load_balancer.listener.delete	Deleting a balancer rule
	cloud_load_balancer.l7policy.create	Creating HTTP policy of the balancer
	cloud_load_balancer.l7policy.update	Changing HTTP policy of the balancer
	cloud_load_balancer.l7policy.delete	Removing HTTP policy of the balancer
	cloud_load_balancer.rule.create	Creating L7-rule balancer
	cloud_load_balancer.rule.update	Changing the L7-rule of the balancer
	cloud_load_balancer.rule.delete	Deletion of L7 balancer rules
	cloud_load_balancer.healthmonitor.create	Creating a balancer availability check
	cloud_load_balancer.healthmonitor.update	Changing the balancer availability check
	cloud_load_balancer.healthmonitor.delete	Removing the balancer availability check
	cloud_load_balancer.amphorae.delete.	Deleting a balancer instance
	cloud_load_balancer.amphorae.failover	Starting the rebuild of the balancer instance

Service secrets

Responsible for secrets in the secrets manager. Secrets can be managed via the Secrets API.

	Event name (event_type)	Description
Secrets	secrets.secret.create	Ordering services
	secrets.secret.fetch	Order activation
	secrets.secret.delete	Order deactivation

Service certificates

Responsible for certificates in the secret manager.You can manage user certificates through the User Certificates API and Let's Encrypt® certificates through the Let's Encrypt® Certificates API.

	Event name (event_type)	Description
Certificates	certificates.certificate.upload	Uploading a certificate
	certificates.certificate.p12.get	Obtaining a key pair
	certificates.certificate.private_key.get	Obtaining a private key
	certificates.certificate.ca_chain.get	Obtaining CA bandle certificate chain
	certificates.certificate.delete	Deleting a certificate
	certificates.certificate_name.update	Certificate renewal
	certificates.le_certificate.issue	Let's Encrypt® certificate issuance
	certificates.le_certificate.delete	Removing a Let's Encrypt® certificate

Logs service

Responsible for operations in the logging platform.You can manage the logging platform through the Cloud Logging API.

	Event name (event_type)	Description
Logs	cloud_logging.group.create	Creating a log group
	cloud_logging.group.delete	Deleting a group of logs
	cloud_logging.stream.create	Creating an event stream
	cloud_logging.stream.delete	Deleting an event stream

Audit_logs service

Responsible for audit-log operations.

	Event name (event_type)	Description
Audit logs	audit_logs.audit_logs.download	Export of audit logs

Global_router service

Responsible for global router operations.

	Event name (event_type)	Description
Global router	global_router.router.create	Creating a router
	global_router.router.update	Changing the router
	global_router.router.delete_init	Initializing router deletion
	global_router.router.delete	Removing the router
	global_router.network.create	Creating a global router network
	global_router.network.update	Changing the global router network
	global_router.network.delete_init	Initializing global router network deletion
	global_router.network.delete	Removing the global router network
	global_router.subnet.create	Creating a global router subnet
	global_router.subnet.update	Changing the subnet of the global router
	global_router.subnet.delete_init	Initializing global router subnet deletion
	global_router.subnet.delete	Deleting a global router subnet
	global_router.static_route.create	Creating a global router route
	global_router.static_route.update	Changing the global router route
	global_router.static_route.delete_init	Initializing global router route deletion
	global_router.static_route.delete	Deleting a global router route