
Auditing

Packages:

auditing.extensions.gardener.cloud/v1alpha1

AuditBackend

(Appears on: AuditConfiguration)

AuditBackend defines the configuration for a single audit backend. It specifies where audit events should be sent and how they should be delivered.

Field Description
deliveryMode DeliveryMode (Optional)

DeliveryMode specifies how messages are delivered to this backend.
"Guaranteed" means the request is considered successful only if this backend succeeds.
"BestEffort" means delivery is attempted but failures don't affect request success.
When only one backend is configured, it is implicitly "Guaranteed".
When multiple backends are configured, exactly one must be "Guaranteed".

http BackendHTTP

HTTP specifies the configuration for an HTTP-based audit backend.
When configured, audit events will be sent via HTTP to the specified endpoint.

AuditConfiguration

AuditConfiguration contains information about the auditing service configuration.

Field Description
backends AuditBackend array

Backends are all the backends that will receive audit logs.

BackendHTTP

(Appears on: AuditBackend)

BackendHTTP defines the configuration for an HTTP audit backend. This backend sends audit events to a remote HTTP endpoint over HTTPS.

Field Description
url string

URL is the HTTP endpoint where audit events will be sent.
This should be a complete HTTPS URL including the protocol, host, and path.

tls TLSConfig

TLS contains the TLS configuration for secure communication with the HTTP backend.

compression string

Compression defines the compression algorithm to use for the HTTP request body when forwarding
audit events. If unset, no compression is applied. Currently only "gzip" is supported.

TLSConfig

(Appears on: BackendHTTP)

TLSConfig defines the TLS configuration for secure communication.

Field Description
secretReferenceName string

SecretReferenceName is the name reference that leads to a Secret containing the TLS configuration.
The secret should contain "client.crt", "client.key" (used for mTLS) and optionally "ca.crt" (used for verifying the server's certificate) keys.
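
The constraints stated in the field descriptions above (exactly one "Guaranteed" backend when several are configured, a complete HTTPS URL, "gzip" as the only compression value), checked in Go as an added example. This is not the extension's own validation code; the struct types and ValidateBackends are hypothetical local names, and it assumes an unset deliveryMode among several backends does not count as "Guaranteed".

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
)

// Hypothetical mirrors of the documented fields, not the extension's Go types.
type BackendHTTP struct {
	URL, Compression string
}

type AuditBackend struct {
	DeliveryMode string // "", "Guaranteed" or "BestEffort"
	HTTP         *BackendHTTP
}

// ValidateBackends checks the constraints stated in the field descriptions.
// Assumption: with several backends, an unset mode does not count as Guaranteed.
func ValidateBackends(backends []AuditBackend) error {
	guaranteed := 0
	for i, b := range backends {
		switch b.DeliveryMode {
		case "Guaranteed":
			guaranteed++
		case "BestEffort", "":
		default:
			return fmt.Errorf("backends[%d]: unknown deliveryMode %q", i, b.DeliveryMode)
		}
		if b.HTTP == nil {
			continue
		}
		u, err := url.Parse(b.HTTP.URL)
		if err != nil || u.Scheme != "https" || u.Host == "" {
			return fmt.Errorf("backends[%d]: url must be a complete https:// URL", i)
		}
		if c := b.HTTP.Compression; c != "" && c != "gzip" {
			return fmt.Errorf("backends[%d]: unsupported compression %q", i, c)
		}
	}
	if len(backends) > 1 && guaranteed != 1 {
		return errors.New("multiple backends: exactly one must be Guaranteed")
	}
	return nil
}

func main() {
	// Constructed sample: two backends, neither marked Guaranteed, so validation fails.
	a := &BackendHTTP{URL: "https://audit-a.example.com/events"}
	b := &BackendHTTP{URL: "https://audit-b.example.com/events", Compression: "gzip"}
	fmt.Println(ValidateBackends([]AuditBackend{{"BestEffort", a}, {"BestEffort", b}}))
}
```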