Assigned
Status Update
No update yet.
Comments
ba...@google.com
ba...@google.com
I have forwarded this request to the engineering team. We will update this issue with any progress updates and a resolution.
Description
What you would like to accomplish:
We would like to be able to see the principal email of who is trying to access their protected resources of the VPC SC
How this might work:
When an error log of VPC SC is ingested on Cloud Logging instead of redacting the principal email make this field viable in order to diagnose who is the user that is being access denied
If applicable, reasons why alternative solutions are not sufficient:
Currently the audit log information of the principal email is being redacted with three dots [...]
Other information (workarounds you have tried, documentation consulted, etc): This is documented onhttps://cloud.google.com/logging/docs/audit#user-id:~:text=following%20redaction%20occurs%3A-,Parts%20of%20the%20caller%20email%20addresses%20might%20be%20redacted%20and%20replaced%20by%20three%20period%20characters%20....,-Some%20caller%20email