How to use AuthorizationPolicy's AUDIT log outside of GKE

Carles · February 3, 2022, 9:15pm

There does not seem to be a lot of information around how to use the AUDIT feature of the AuthorizationPolicy object. Stackdriver is mentioned but there does not seem to be a way to run this without having a GKE account at the least or using a third-party vendor.

Is there any other way to have some tracing or trail of what connectivity is happening when using Authorization Policies?

I found this other dead thread but nothing really helpful on this board (and the invite link for the istio slack seems dead).

Thanks!

liminwang · February 7, 2022, 7:39am

The full support for AUDIT logs currently is only available with StackDriver backend. But the infrastructure is general and can be extended to support any other backends.

Topic		Replies	Views
Exporting Logs to BigQuery, GCS, Pub/Sub through Stackdriver Policies and Telemetry	4	513	February 19, 2022
Audit logs from istio-ingressgateway	3	8992	May 28, 2020
Istio 1.11.1 \| Stackdriver Monitoring Policies and Telemetry	1	470	February 18, 2022
V2 Stackdriver Telemetry and Workload Identity Policies and Telemetry	6	2900	August 22, 2022
Authorizaion Policy Logs Security	0	411	April 27, 2023

How to use AuthorizationPolicy's AUDIT log outside of GKE

Related topics