NEW
Audit
- Overview
- Event structure
- Syslog
- Event types
- ACCOUNT_CREATED
- APPLICATION_CREATED
- RESOURCE_TYPE_CREATED
- TENANT_CREATED
- TENANT_DISPLAY_NAME_UPDATED
- TENANT_DELETED
- USER_CREATED
- USER_EMAIL_UPDATED
- USER_FIRST_NAME_UPDATED
- USER_LAST_NAME_UPDATED
- USER_ENABLED_UPDATED
- USER_PASSWORD_UPDATED
- USER_DELETED
- API_KEY_CREATED
- API_KEY_STATE_UPDATED
- GROUP_CREATED
- GROUP_DISPLAY_NAME_UPDATED
- GROUP_DELETED
- GROUP_MEMBER_ATTACHED
- GROUP_MEMBER_DETACHED
- POOL_CREATED
- POOL_DELETED
- POOL_RESOURCE_ATTACHED
- POOL_RESOURCE_DETACHED
- POLICY_CREATED
- POLICY_DESCRIPTION_UPDATED
- POLICY_STATEMENTS_UPDATED
- POLICY_DELETED
- POLICY_PRINCIPAL_ATTACHED
- POLICY_PRINCIPAL_DETACHED
- RESOURCE_CREATED
- RESOURCE_DELETED
Overview
Auditing is crucial for ensuring accountability and traceability within a system. It involves tracking essential activities related to user, device, or any other type of resource. Auditing provides a structured way to monitor operations for security, compliance, and operational insights. This process allows administrators to track who did what and when for detecting unauthorized actions and understanding system behaviors in case of issues.
Kaa platform supports Syslog as the audit channel for forwarding audit events to the remote audit server.
Event structure
An audit event is a JSON object with a standardized set of fields that captures information about activity within the Kaa platform.
| Field | Type | Description | Example |
|---|---|---|---|
timestamp |
ISO 8601 | Timestamp when event was triggered | 2024-09-18T07:24:43.847059593Z |
type |
string | The type of event that triggered the audit | USER_CREATED |
principalId |
string | ID of the principal who triggered the event | aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s= |
principalType |
string | Type of the principal who triggered the event | user |
resourceId |
string | ID of the audit event’s entity | aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL09zY2Fy |
resourceType |
string | Type of the audit event’s entity | user |
details |
object | Additional details about the event (key-value pairs) | {"name": "Oscar", "email": "oscar@gmail.com"} |
Syslog
Protocol format:
<PRI>TIMESTAMP HOSTNAME APP-NAME PROCID MSG
Example
<86>Sep 18 07:24:43 localhost iamcore[234088]: {"timestamp":"2024-09-18T07:24:43.847059593Z","type":"USER_CREATED","principalType":"user","principalId":"aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=","resourceType":"user","resourceId":"aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL09zY2Fy","details":{"name":"Oscar","email":"oscar@gmail.com"}}
| Field | Description |
|---|---|
PRI |
The value in angle brackets, (<86> in the example above), is called the Priority Value (PRIVAL). It represents two values, Facility and Severity, such that: Priority Value = Facility * 8 + Severity For example, the Priority Value of <86> represents Facility 10 and Severity 6 so that 10 * 8 + 6 = 86. |
TIMESTAMP |
The time the event was created in a format that conforms to ISO 8601 |
HOSTNAME |
Identifies the machine that sent the syslog message and is determined by the syslog process running on Conjur Enterprise. |
APP-NAME |
Identifies the name of the workload sending the log message. |
PROCID |
The Process ID can be used to further identify the sender of a log message. |
MSG |
Audit event. |
Event types
| Type | Description |
|---|---|
| Account management | Â |
| ACCOUNT_CREATED | Indicates that a system account is created during the platform’s initial setup. |
| APPLICATION_CREATED | Indicates that Kaa system application is created during the platform’s initial setup. |
| RESOURCE_TYPE_CREATED | Indicates that Kaa resource types are created during the platform’s setup. |
| TENANT_CREATED | Indicates that a tenant is created. |
| TENANT_DISPLAY_NAME_UPDATED | Indicates that a tenant`s name is updated. |
| TENANT_DELETED | Indicates that a tenant is deleted. |
| Â | Â |
| User management | Â |
| USER_CREATED | Indicates that a user is created on the platform. |
| USER_EMAIL_UPDATED | Indicates that a user`s email is updated. |
| USER_FIRST_NAME_UPDATED | Indicates that a user`s first name is updated. |
| USER_LAST_NAME_UPDATED | Indicates that a user`s last name is updated. |
| USER_ENABLED_UPDATED | Indicates that a user`s state is updated. |
| USER_PASSWORD_UPDATED | Indicates that a user’s password is updated, either through a reset or a change. |
| USER_DELETED | Indicates that a user is deleted. |
| API_KEY_CREATED | Indicates that an Api Key is created for a user. |
| API_KEY_STATE_UPDATED | Indicates that a user’s Api Key state is updated. |
| GROUP_CREATED | Indicates that a group is created. |
| GROUP_DELETED | Indicates that a group is deleted. |
| GROUP_DISPLAY_NAME_UPDATED | Indicates that a group`s name is updated. |
| GROUP_MEMBER_ATTACHED | Indicates that a user is added to a group. |
| GROUP_MEMBER_DETACHED | Indicates that a user is removed from a group. |
| POOL_CREATED | Indicates that a resource group is created. |
| POOL_DELETED | Indicates that a resource group is deleted. |
| POOL_RESOURCE_ATTACHED | Indicates that a resource is added to a resource group. |
| POOL_RESOURCE_DETACHED | Indicates that a resource is removed from a resource group. |
| POLICY_CREATED | Indicates that a policy is created. |
| POLICY_DESCRIPTION_UPDATED | Indicates that a policy`s description is updated. |
| POLICY_STATEMENTS_UPDATED | Indicates that a policy`s statements are updated. |
| POLICY_DELETED | Indicates that a policy is deleted. |
| POLICY_PRINCIPAL_ATTACHED | Indicates that a principal is attached to a policy. |
| POLICY_PRINCIPAL_DETACHED | Indicates that a principal is detached from a policy. |
| Â | Â |
| Resource management | Â |
| RESOURCE_CREATED | Indicates that a resource of a specific type is created on the platform. |
| RESOURCE_DELETED | Indicates that a resource of a specific type is deleted from the platform. |
ACCOUNT_CREATED
Indicates that a system account is created during the platform’s initial setup.
{
"timestamp": "2024-09-23T05:31:49.215956859Z",
"type": "ACCOUNT_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "account",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OmFjY291bnQvcmM3M2RiaDdxMA==",
"details": {
"email": "admin@gmail.com",
"irn": "irn:rc73dbh7q0:iamcore:::account/rc73dbh7q0",
"issuerId": "c02202db-7e4a-4125-9c14-c72467a6b079"
}
}
APPLICATION_CREATED
Indicates that Kaa system application is created during the platform’s initial setup.
{
"timestamp": "2024-09-23T05:31:57.565798026Z",
"type": "APPLICATION_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "application",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OmFwcGxpY2F0aW9uL2thYQ==",
"details": {
"displayName": "Kaa",
"irn": "irn:rc73dbh7q0:iamcore:::application/kaa",
"name": "kaa"
}
}
RESOURCE_TYPE_CREATED
Indicates that Kaa resource types are created during the platform’s setup.
{
"timestamp": "2024-09-23T05:32:06.524802484Z",
"type": "RESOURCE_TYPE_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "resource-type",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjo6cmVzb3VyY2UtdHlwZS9lbmRwb2ludA==",
"details": {
"irn": "irn:rc73dbh7q0:kaa:::resource-type/endpoint",
"description": "Device resource type",
"type": "endpoint",
"actionPrefix": "endpoint",
"application": "irn:rc73dbh7q0:iamcore:::application/kaa",
"operations": [
"read",
"delete"
]
}
}
TENANT_CREATED
Indicates that a tenant is created.
{
"timestamp": "2024-09-23T05:33:09.184410422Z",
"type": "TENANT_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "tenant",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA==",
"details": {
"accountId": "rc73dbh7q0",
"displayName": "Kaa",
"irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::tenant/47g5l2ijc0",
"loginTheme": "iamcore",
"name": "kaa"
}
}
TENANT_DISPLAY_NAME_UPDATED
Indicates that a tenant`s name is updated.
{
"timestamp": "2024-09-23T05:33:10.949813696Z",
"type": "TENANT_DISPLAY_NAME_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "tenant",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA==",
"details": {
"newDisplayName": "Kaa Cloud",
"oldDisplayName": "Kaa"
}
}
TENANT_DELETED
Indicates that a tenant is deleted.
{
"timestamp": "2024-09-23T05:33:10.949813696Z",
"type": "TENANT_DELETED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo6OnVzZXIvcm9vdA==",
"resourceType": "tenant",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp0ZW5hbnQvNDdnNWwyaWpjMA=="
}
USER_CREATED
Indicates that a user is created on the platform.
{
"timestamp": "2024-09-18T07:24:43.847059593Z",
"type": "USER_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"details": {
"irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar",
"authId": "dde1a9d7-8485-4a49-9e7d-6fd993339b05",
"username": "oscar",
"firstName": "Oscar",
"lastName": "Doe",
"email": "oscar@gmail.com",
"enabled": true,
"tenantId": "47g5l2ijc0"
}
}
USER_EMAIL_UPDATED
Indicates that a user`s email is updated.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_EMAIL_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"details": {
"newEmail": "oscar-doe@gmail.com",
"oldEmail": "oscar@gmail.com"
}
}
USER_FIRST_NAME_UPDATED
Indicates that a user`s first name is updated.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_FIRST_NAME_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"details": {
"newFirstName": "Oscar M",
"oldFirstName": "Oscar"
}
}
USER_LAST_NAME_UPDATED
Indicates that a user`s last name is updated.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_LAST_NAME_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"details": {
"newLastName": "Doe T",
"oldLastName": "Doe"
}
}
USER_ENABLED_UPDATED
Indicates that a user`s state is updated.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_ENABLED_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"details": {
"newEnabled": false,
"oldEnabled": true
}
}
USER_PASSWORD_UPDATED
Indicates that a user’s password is updated, either through a reset or a change.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_PASSWORD_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy"
}
USER_DELETED
Indicates that a user is deleted.
{
"timestamp": "2024-09-19T11:00:54.1036762-05:00",
"type": "USER_DELETED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL0phY2s=",
"resourceType": "user",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy"
}
API_KEY_CREATED
Indicates that an Api Key is created for a user.
{
"timestamp": "2024-09-23T05:31:52.881782158Z",
"type": "API_KEY_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "api-key",
"resourceId": "HRz3icLSAPojohB4PJz0b4OCKXjaDqqZAkJm5KhCxkqLNMHHUbnKhQGRxjw6SuzL",
"details": {
"principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar",
"state": "active"
}
}
API_KEY_STATE_UPDATED
Indicates that a user’s Api Key state is updated.
{
"timestamp": "2024-09-23T05:31:55.854325061Z",
"type": "API_KEY_STATE_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "api-key",
"resourceId": "HRz3icLSAPojohB4PJz0b4OCKXjaDqqZAkJm5KhCxkqLNMHHUbnKhQGRxjw6SuzL",
"details": {
"newState": "suspended",
"oldState": "active",
"principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar"
}
}
GROUP_CREATED
Indicates that a group is created.
{
"timestamp": "2024-09-23T05:32:36.507289587Z",
"type": "GROUP_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "group",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
"details": {
"displayName": "Java developers",
"irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::group/developer/java",
"name": "java",
"path": "/developer",
"tenantId": "47g5l2ijc0"
}
}
GROUP_DISPLAY_NAME_UPDATED
Indicates that a group`s name is updated.
{
"timestamp": "2024-09-23T05:32:36.507289587Z",
"type": "GROUP_DISPLAY_NAME_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "group",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
"details": {
"newDisplayName": "Java Junior developers",
"oldDisplayName": "Java developers"
}
}
GROUP_DELETED
Indicates that a group is deleted.
{
"timestamp": "2024-09-23T05:32:36.507289587Z",
"type": "GROUP_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "group",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ=="
}
GROUP_MEMBER_ATTACHED
Indicates that a user is added to a group.
{
"timestamp": "2024-09-23T05:32:43.090589379Z",
"type": "GROUP_MEMBER_ATTACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "group",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
"details": {
"member": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
}
}
GROUP_MEMBER_DETACHED
Indicates that a user is removed from a group.
{
"timestamp": "2024-09-23T05:32:43.090589379Z",
"type": "GROUP_MEMBER_DETACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "group",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpncm91cC9kZXZlbG9wZXIvamF2YQ==",
"details": {
"member": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
}
}
POOL_CREATED
Indicates that a resource group is created.
{
"timestamp": "2024-09-23T05:32:51.152087477-05:00",
"type": "POOL_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "pool",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
"details": {
"irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::pool/laptop",
"name": "laptop"
}
}
POOL_DELETED
Indicates that a resource group is deleted.
{
"timestamp": "2024-09-23T05:32:51.152087477-05:00",
"type": "POOL_DELETED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "pool",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA=="
}
POOL_RESOURCE_ATTACHED
Indicates that a resource is added to a resource group.
{
"timestamp": "2024-09-23T05:32:51.484213881Z",
"type": "POOL_RESOURCE_ATTACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "pool",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
"details": {
"resource": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/nebula-pad"
}
}
POOL_RESOURCE_DETACHED
Indicates that a resource is removed from a resource group.
{
"timestamp": "2024-09-23T05:32:51.484213881Z",
"type": "POOL_RESOURCE_DETACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "pool",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb29sL2xhcHRvcA==",
"details": {
"resource": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/nebula-pad"
}
}
POLICY_CREATED
Indicates that a policy is created.
{
"timestamp": "2024-09-23T05:33:00.964473226Z",
"type": "POLICY_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"details": {
"id": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"irn": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::policy/device-reader",
"name": "device-reader",
"type": "identity",
"origin": "api",
"version": "1.0.0",
"statements": [
{
"Effect": "allow",
"Resources": [
"irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
],
"Actions": [
"endpoint:read"
]
}
]
}
}
Specifies that a resource policy is created, granting full permissions to the resource created by the principal.
{
"timestamp": "2024-09-23T05:33:00.964473226Z",
"type": "POLICY_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ=",
"details": {
"description": "Resource policy",
"irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
"name": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
"origin": "api",
"type": "resource",
"version": "1.0.0",
"statements": [
{
"Effect": "allow",
"Principals": [
"irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/oscar"
],
"Resources": [
"irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
],
"Actions": [
"*"
]
}
]
}
}
POLICY_DESCRIPTION_UPDATED
Indicates that a policy`s description is updated.
{
"timestamp": "2024-09-23T05:33:00.964473226Z",
"type": "POLICY_DESCRIPTION_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"details": {
"newDescription": "Allow device read access",
"oldDescription": ""
}
}
POLICY_STATEMENTS_UPDATED
Indicates that a policy`s statements are updated.
{
"timestamp": "2024-09-23T05:33:00.964473226Z",
"type": "POLICY_STATEMENTS_UPDATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"details": {
"oldStatements": [
{
"Effect": "allow",
"Resources": [
"irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
],
"Actions": [
"endpoint:read"
]
}
],
"newStatements": [
{
"Effect": "deny",
"Resources": [
"irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat"
],
"Actions": [
"endpoint:delete"
]
}
]
}
}
POLICY_DELETED
Indicates that a policy is deleted
{
"timestamp": "2024-09-23T05:33:00.964473226Z",
"type": "POLICY_DELETED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg=="
}
POLICY_PRINCIPAL_ATTACHED
Indicates that a principal is attached to a policy.
{
"timestamp": "2024-09-23T05:32:11.581492798Z",
"type": "POLICY_PRINCIPAL_ATTACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"details": {
"principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
}
}
POLICY_PRINCIPAL_DETACHED
Indicates that a principal is detached from a policy.
{
"timestamp": "2024-09-23T05:32:11.581492798Z",
"type": "POLICY_PRINCIPAL_DETACHED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "policy",
"resourceId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjpwb2xpY3kvZGV2aWNlLXJlYWRlcg==",
"details": {
"principal": "irn:rc73dbh7q0:iamcore:47g5l2ijc0::user/Jack"
}
}
RESOURCE_CREATED
Indicates that a resource is created. Each resource type represents a unique entity within the platform.
Examples of resources:
- application
- endpoint
- dashboard
- ui-system
- report
- asset
- asset-type
- rule
- rule-execution-action
- alert-activation-action
- alert-resolution-action
- send-email-action
- ttn-app-integration
- ttn-device-integration
- etc.
The structure of the RESOURCE_CREATED event varies depending on the resource type, but in general it follows the next template.
{
"timestamp": "2024-09-18T07:33:21.588026971z",
"type": "RESOURCE_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "${resource-type}",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
"details": {
"id": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
"irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::${resource-type}/${resourceId}",
"name": "${resourceId}",
"resourceType": "${resource-type}",
"description": "resource description",
"tenantID": "47g5l2ijc0",
"application": "kaa"
}
}
RESOURCE_CREATED event specific examples.
Application created event.
{
"timestamp": "2024-09-18T07:33:21.588026971z",
"type": "RESOURCE_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "application",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
"details": {
"id": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmFwcGxpY2F0aW9uL2Nyb2dpZm5yY2diYzczZnY3bWFn",
"irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::application/crogifnrcgbc73fv7mag",
"name": "crogifnrcgbc73fv7mag",
"description": "Energy Consumption application",
"tenantID": "47g5l2ijc0",
"application": "kaa",
"resourceType": "application"
}
}
Device registration event.
{
"timestamp": "2024-09-18T07:33:21.588026971z",
"type": "RESOURCE_CREATED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy",
"resourceType": "endpoint",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ=",
"details": {
"irn": "irn:rc73dbh7q0:kaa:47g5l2ijc0::endpoint/thermostat",
"name": "thermostat",
"description": "Connected thermostat",
"tenantID": "47g5l2ijc0",
"application": "kaa",
"resourceType": "endpoint"
}
}
RESOURCE_DELETED
{
"timestamp": "2024-09-18T07:33:21.588026971z",
"type": "RESOURCE_DELETED",
"principalType": "user",
"principalId": "aXJuOnJjNzNkYmg3cTA6aWFtY29yZTo0N2c1bDJpamMwOjp1c2VyL29zY2Fy=",
"resourceType": "${resource-type}",
"resourceId": "aXJuOnJjNzNkYmg3cTA6a2FhOjQ3ZzVsMmlqYzA6OmVuZHBvaW50L3RoZXJtb3N0YXQ="
}