NavigationContentFooter

Audit Trail API

Introduction

Scaleway Audit Trail is a tool that holds a record of events and changes performed within a Scaleway Organization. It helps you ensure accountability and security by recording activity across all your resources (identity of the principal, date of activity, source IP address, API method used, and status of the request).

You can use Audit Trail for troubleshooting, compliance verification, and analysis in the event of a breach.

Concepts

Refer to our dedicated concepts page to find definitions of the different terms referring to Audit Trail.

Quickstart

To start using Audit Trail you need to configure the AuditTrailReadOnly or the OrganizationManager permission sets in IAM. The OrganizationManager permission set is included in the Administrator group which is created by default whenever a new Organization is created. The scope of these permission sets is at Organization level.

  1. Configure your environment variables.

    Note

    This is an optional step that seeks to simplify your usage of the Audit Trail API.

    export ACCESS_KEY="<access-key>"
    export SECRET_KEY="<secret-key>"
    export REGION="<region>"
  2. Create an IAM policy. Replace the parameter values in the request payload with the details of your principal.

    curl -X POST \
    -H "Content-Type: application/json" \
    -H "X-Auth-Token: $SCW_SECRET_KEY" https://api.scaleway.com/iam/v1alpha1/policies \
    -d '{
    "name": "policy-audit-trail",
    "description": "This policy grants read access to Audit Trail in my Organization to the user matching the userID defined below",
    "organization_id": "123e4567-e89b-12d3-a456-426614174000",
    "rules": [
    {
    "permission_set_names": [
    "AuditTrailReadOnly"
    ],
    "organization_id": "123e4567-e89b-12d3-a456-426614174000"
    }
    ],
    "user_id": "987f6543-21ba-43dc-b678-567812345678"
    }'
    ParameterDescription
    nameREQUIRED The name of your new policy
    descriptionThe description of your policy
    organization_idThe ID of your Scaleway Organization
    rulesThe rules of your policy
    permission_set_namesThe permission sets you want to grant. You can either list all permission sets using the IAM API or find a complete list in the permission sets documentation page
    organization_idThe ID of the Scaleway Organization where you want your permission sets to apply. You can add one as the scope of your policy
    user_idThe ID of the user you are granting access to
    Note

    To learn more about IAM policies, refer to our dedicated IAM policies reference page.

  3. Run the following command to retrieve the list of Scaleway products for which you have Audit Trail events.

    curl --request GET \
    --url https://api.scaleway.com/audit-trail/v1alpha1/$REGION/fr-par/products \
    --header "X-Auth-Token: $SCW_SECRET_KEY"
  4. Run the following command to list your Audit Trail events.

    curl --request GET \
    --url "https://api.scaleway.com/audit-trail/v1alpha1/regions/$REGION/events?organization_id=123e4567-e89b-12d3-a456-426614174000" \
    --header "X-Auth-Token: $SCW_SECRET_KEY"
    Note

    Only events that happened within the last hour will be returned in the output. If no events appear, make sure that you have created Scaleway resources in the targeted region. Find out more about troubleshooting Audit Trail issues in our dedidcated documentation.

Requirements
  • You have your Organization and your Project ID
  • You have created an API key
  • You have installed curl
  • You have created an API key and that the API key has sufficient IAM permissions to perform the actions described on this page
  • You have created Scaleway products integrated with Audit Trail

Technical information

Regions

Scaleway's infrastructure spans different regions and Availability Zones.

Audit Trail is available in the Paris, and Amsterdam regions, which are represented by the following path parameters:

  • fr-par
  • nl-ams

Technical limitations

Audit Trail is only integrated with Secret Manager. Find out about product integration with Audit Trail in our dedicated documentation.

Going further

For more information about Audit Trail, you can check out the following pages:

  • Audit Trail Documentation
  • Scaleway Slack Community join the #audit-trail channel
  • Contact our support team.

Events

An event is a record of any activity related to your Scaleway resources, encompassing actions by users, applications, or Scaleway.

GET
/audit-trail/v1alpha1/regions/{region}/events
GET
/audit-trail/v1alpha1/regions/{region}/products
API DocsScaleway consoleDedibox consoleScaleway LearningScaleway.comPricingBlogCareers
© 2023-2024 – Scaleway