Key Concepts
KakaoCloud Cloud Trail is a service that automatically collects and records user activities. It allows you to track various user activities such as logins and resource creation, modification, and deletion at an event level, and manage activity information.
Manage IAM roles
Role management for the Cloud Trail service follows KakaoCloud's IAM Role-Based Access Control (RBAC). By default, users with project roles (Project Admin, Project Member, Project Leader) can view project events. Users with the organization role of Organization Admin or the Cloud Trail-specific role of Trail Viewer can also view organization events for the organization to which the project belongs. For details on roles and user role management, refer to IAM > Key Concepts and Manage user IAM roles.
You can check your assigned roles in the KakaoCloud Console > Profile (top right) > Organization Role or Project Role.
Organization role
Users with a project role who also hold the following organization roles can view both project and organization events.
| Permission | Organization Admin | Trail Viewer |
|---|---|---|
| View organization events | ✓ | ✓ |
| View project events | ✓ | ✓ |
Project role
| Permission | Project Admin | Project Member | Project Leader |
|---|---|---|---|
| View organization events | |||
| View project events | ✓ | ✓ | ✓ |
Key concepts
Key terms for the Cloud Trail service are as follows:
| Key Term | Description |
|---|---|
| Event | The unit for recording user activity. - Categorized into organization/project events. - Includes information such as occurrence date, event name, user, service, and logs. |
| Organization Event | Events occurring in organization-level services. - Viewable only by IAM roles: Organization Admin or Trail Viewer. - Examples: Project creation, project deletion, billing inquiries. |
| Project Event | Events occurring in project-level services. - Viewable by all users within the project. - Examples: Resource creation, resource deletion. |
| User | The account that performed the activity recorded in the event. - Identifies the subject of the activity, such as the creator of a resource. |
| Service Name | The service where the event occurred (e.g., Virtual Machine, IAM). |
| Resource Type | The type of resource within the service where the event occurred. |
| Resource Name | The specific name of the resource where the event occurred. |
| Event Log | Event log in JSON format. |
For a detailed explanation of KakaoCloud console IAM role types, please refer to IAM Roles.