Cloud Logging의 규제 지원

이 문서에서는 지원되는 제어 패키지의 제어와 일치하는 Cloud Logging의 기능, 구성, API를 설명합니다. 이 문서에서는 Assured Workloads를 사용한다고 가정합니다.

ITAR의 데이터 경계

지원되는 서비스

다음 표에는 ITAR의 데이터 경계 요구사항을 충족하는 Cloud Logging API 및 버전이 나와 있습니다.

서비스 버전 상태
logging.googleapis.com v2 지원됨

규정 준수 지원 리전

Cloud Logging은 다음 Google Cloud 리전에서 ITAR용 데이터 경계에 사용할 수 있습니다.

  • us-central1
  • us-central1
  • us-central2
  • us-east1
  • us-east4
  • us-east5
  • us-south1
  • us-west1
  • us-west2
  • us-west3
  • us-west4
  • us-central1
  • us-central2
  • us-east1
  • us-east4
  • us-east5
  • us-south1
  • us-west1
  • us-west2
  • us-west3
  • us-west4

민감한 정보의 API 필드

리소스: 리소스 없음

다음 표에는 ITAR의 데이터 경계에 따라 보호되는 데이터를 처리하도록 설계된 API 리소스와 필드가 명시되어 있습니다.

API 메서드 보호된 필드

서비스: logging.googleapis.com

REST API: POST /v2/aggregations:read

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.AggregateLogs
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/data:query

RPC 메서드:

  • google.logging.v2.AnalyticsService.QueryData
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/data:queryLocal

RPC 메서드:

  • google.logging.v2.AnalyticsService.QueryDataLocal
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/data:querySync

RPC 메서드:

  • google.logging.v2.AnalyticsService.QueryDataSync
  • sqlQueryStep.parameters.intArray.values
  • sqlQueryStep.parameters.intValue
  • sqlQueryStep.parameters.stringArray.values
  • sqlQueryStep.parameters.stringValue
  • sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/entries:copy

RPC 메서드:

  • google.logging.v2.ConfigServiceV2.CopyLogEntries
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/entries:list

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.ListLogEntries
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/entries:readLegacy

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.ReadLogEntriesLegacy
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/entries:redact

RPC 메서드:

  • google.logging.v2.ConfigServiceV2.RedactLogEntries
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/entries:write

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.WriteLogEntries
  • entries.jsonPayload.fields.key
  • entries.jsonPayload.fields.value.boolValue
  • entries.jsonPayload.fields.value.nullValue
  • entries.jsonPayload.fields.value.numberValue
  • entries.jsonPayload.fields.value.stringValue
  • entries.protoPayload.typeUrl
  • entries.protoPayload.value
  • entries.sourceLocation.file
  • entries.sourceLocation.function
  • entries.textPayload

서비스: logging.googleapis.com

REST API: POST /v2/generation:generateQuery

RPC 메서드:

  • google.logging.v2.AnalyticsService.GenerateQuery
  • prompt

서비스: logging.googleapis.com

REST API: POST /v2/query:extractQueryResources

RPC 메서드:

  • google.logging.v2.AnalyticsService.ExtractQueryResources
  • query

서비스: logging.googleapis.com

REST API: POST /v2/query:translate

RPC 메서드:

  • google.logging.v2.UiSupportService.TranslateQuery
  • filter
  • histogramQuery.fieldNames

서비스: logging.googleapis.com

REST API: POST /v2/query:translateTableNames

RPC 메서드:

  • google.logging.v2.AnalyticsService.TranslateTableNames
  • query

서비스: logging.googleapis.com

REST API: POST /v2/query:validate

RPC 메서드:

  • google.logging.v2.AnalyticsService.ValidateQuery
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/query:validateAlerting

RPC 메서드:

  • google.logging.v2.AnalyticsService.ValidateAlertingQuery
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/query:validateAndGetExpression

RPC 메서드:

  • google.logging.v2.UiSupportService.ValidateAndGetExpression
  • expression.phrase.values
  • expression.position.endColumn
  • expression.position.endLine
  • expression.position.length
  • expression.position.startColumn
  • expression.position.startLine
  • expression.restriction.comparator
  • expression.subscriptIndex
  • expression.value
  • filter

서비스: logging.googleapis.com

REST API: POST /v2/query:validateLocal

RPC 메서드:

  • google.logging.v2.AnalyticsService.ValidateQueryLocal
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/query:validateQueryAlerting

RPC 메서드:

  • google.logging.v2.AnalyticsService.ValidateQueryAlerting
  • query.querySteps.queryBuilderQueryStep.parameters.intArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.intValue
  • query.querySteps.queryBuilderQueryStep.parameters.stringArray.values
  • query.querySteps.queryBuilderQueryStep.parameters.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.fieldSources.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.fieldSourceValue.projectedField.regexExtraction
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.boolValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.nullValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.numberValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.stringValue
  • query.querySteps.queryBuilderQueryStep.queryBuilder.filter.leafPredicate.literalValue.structValue.fields.key
  • query.querySteps.queryBuilderQueryStep.queryBuilder.orderBys.fieldSource.projectedField.regexExtraction
  • query.querySteps.sqlQueryStep.parameters.intArray.values
  • query.querySteps.sqlQueryStep.parameters.intValue
  • query.querySteps.sqlQueryStep.parameters.stringArray.values
  • query.querySteps.sqlQueryStep.parameters.stringValue
  • query.querySteps.sqlQueryStep.sqlQuery

서비스: logging.googleapis.com

REST API: POST /v2/query:writeRedactedQuery

RPC 메서드:

  • google.logging.v2.AnalyticsService.WriteRedactedQuery
  • queries

서비스: logging.googleapis.com

REST API: POST /v2/searches:suggest

RPC 메서드:

  • google.logging.v2.InsightsService.SuggestSearches
  • fieldValues.fieldValues.value

서비스: logging.googleapis.com

REST API: POST /v2beta1/entries:list

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.ListLogEntries
  • filter

서비스: logging.googleapis.com

REST API: POST /v2beta1/entries:write

RPC 메서드:

  • google.logging.v2.LoggingServiceV2.WriteLogEntries
  • entries.jsonPayload.fields.key
  • entries.jsonPayload.fields.value.boolValue
  • entries.jsonPayload.fields.value.nullValue
  • entries.jsonPayload.fields.value.numberValue
  • entries.jsonPayload.fields.value.stringValue
  • entries.protoPayload.typeUrl
  • entries.protoPayload.value
  • entries.sourceLocation.file
  • entries.sourceLocation.function
  • entries.textPayload

민감한 정보에 적합하지 않은 필드

다음 표에는 민감한 정보에 적합하지 않은 필드 카테고리와 구체적인 필드의 예시 목록이 나와 있습니다. 규정을 준수하려면 보호된 데이터를 이러한 필드에 배치하지 마세요. 전체 목록은 Google Cloud 담당자에게 문의하세요.

카테고리 필드
버킷 세부정보
  • bucket.description
  • bucket.indexConfigs.fieldPath
  • bucket.restrictedFields
  • bucket.tags.key
  • bucket.tags.value
구성 설정
  • bucket.cmekSettings.kmsKey
  • cmekSettings.kmsKeyName
  • settings.defaultStorageLocation
  • settings.kmsKeyName
  • settings.name
  • settings.storageLocation
데이터 필터링 및 선택
  • exclusion.filter
  • filter
  • notificationRule.filter
  • savedQuery.loggingQuery.filter
  • sink.filter
  • view.filter
알림 규칙 설정
  • notificationRule.alertPolicyDetails.condition
  • notificationRule.alertPolicyDetails.userLabels.key
  • notificationRule.alertPolicyDetails.verbosityLabels.key
  • notificationRule.notificationChannels
  • notificationRule.valueExtractors.key
  • notificationRule.valueExtractors.value
페이지로 나누기 및 순서 지정
  • listQuery.orderBy
  • orderBy
  • pageToken
  • savedQuery.opsAnalyticsQuery.queryBuilder.orderBys.field
질문 세부정보
  • analyticsView.sqlQuery
  • query.querySteps.alertingQueryStep.thresholdCondition.valueThreshold.valueColumn
  • query.querySteps.queryBuilderQueryStep.queryBuilder.searchTerm
  • query.querySteps.sqlQueryStep.parameters.name
  • savedQuery.opsAnalyticsQuery.queryBuilder.resourceNames
  • savedQuery.opsAnalyticsQuery.sqlQueryText
리소스 속성
  • internalLabels.key
  • internalLabels.value
  • labels.key
  • labels.value
  • resource.labels.key
  • resource.labels.value
리소스 식별
  • analyticsViewId
  • bucketId
  • linkId
  • name
  • parent
  • viewId
저장된 쿼리 구성
  • savedQuery.description
  • savedQuery.displayName
  • savedQuery.loggingQuery.summaryFields.field
  • savedQuery.opsAnalyticsQuery.queryBuilder.fieldSources.projectedField.regexExtraction
  • savedQuery.opsAnalyticsQuery.queryBuilder.filter.leafPredicate.fieldSource.projectedField.regexExtraction
업데이트 마스크
  • updateMask.paths

다음 단계