
View the Tencent Cloud operation records of employees

Last updated: 2024-10-11 14:36:51

Scenario

Once you have created a CAM sub-user for your employees and granted them permissions, they can log in to the Tencent Cloud Console using the CAM sub-user credentials, or use the CAM sub-user key to access and operate resources under your account via the cloud API. When a large number of employees need to log in to Tencent Cloud and access resources simultaneously, you may need to understand the following information:
Which resources have been accessed by the employees?
Have the employees encountered any issues during their operations?
Which employee purchased a particular resource?
How can you view the modification records of resource configurations?
How can you track sensitive operations?
Are the employees accessing Tencent Cloud within the environment you have specified?
At this point, you can use CloudAudit to view and track the operation records of your employees. CloudAudit supports online viewing of Tencent Cloud console and cloud API operation records within the past 90 days.

Preparations

1. You have created a sub-user. For more information, see Create a Sub-User.
2. You have logged in to the CloudAudit Console and navigated to the Operation Record page.

Instructions

Viewing Event Details in Operation Record

Filter by "Operator" to search by CAM sub-user or role and view the operation records of a specific employee.



In the detailed log summary, identify the actual operating account ID and name through the user field, and check the operation source through the source IP address.



In the detailed log information, you can identify the actual operating account ID through the principalId.



For detailed operations, see: View Operation Record Event Details.

Shipping Logs with a Tracking Set

If you need to view a longer history of employee operation records, you can use the tracking set feature of CloudAudit to deliver logs to a Cloud Object Storage (COS) bucket or CLS.
When shipping to CLS, you can select specific operations for a designated product (such as sensitive operations) and configure alerting policies within CLS.
For detailed operations, see: Using Tracking Sets to Deliver Logs.
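
Once logs are delivered to a COS bucket, the questions in the Scenario section (who performed an operation, from which source IP, and whether it failed) can also be answered offline. The following is an added example, not Tencent Cloud code. It assumes each delivered record is one JSON object per line with the fields `eventName`, `sourceIPAddress`, `errorCode` and `userIdentity.principalId`; the allowed networks, the watched operation names and the sample records are constructed for illustration.

```python
import ipaddress
import json

# Assumed policy values (hypothetical): approved egress ranges and operations to watch.
ALLOWED_NETWORKS = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.16/28")]
SENSITIVE_EVENTS = {"DeleteUser", "CreateAccessKey", "AttachUserPolicy"}

# Constructed sample records, one JSON object per line; the field layout is an assumption.
SAMPLE_LOG = """\
{"eventName": "DescribeInstances", "sourceIPAddress": "203.0.113.25", "errorCode": 0, "userIdentity": {"principalId": "100000000001"}}
{"eventName": "CreateAccessKey", "sourceIPAddress": "192.0.2.77", "errorCode": 0, "userIdentity": {"principalId": "100000000002"}}
{"eventName": "DeleteUser", "sourceIPAddress": "198.51.100.20", "errorCode": 0, "userIdentity": {"principalId": "100000000001"}}
{"eventName": "RunInstances", "sourceIPAddress": "203.0.113.9", "errorCode": 4102, "userIdentity": {"principalId": "100000000003"}}
not-json
"""


def review(lines, allowed=ALLOWED_NETWORKS, sensitive=SENSITIVE_EVENTS):
    """Return one finding per record that needs attention, with the reasons why."""
    findings = []
    for n, line in enumerate(lines, 1):
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
            ip = ipaddress.ip_address(rec["sourceIPAddress"])
            principal = str(rec["userIdentity"]["principalId"])
            event = rec["eventName"]
        except (ValueError, KeyError, TypeError):
            # Keep damaged records visible instead of silently dropping them.
            findings.append({"line": n, "principalId": None, "eventName": None, "reasons": ["unparseable"]})
            continue
        reasons = []
        if not any(ip in net for net in allowed):
            reasons.append("outside_allowed_network")
        if event in sensitive:
            reasons.append("sensitive_operation")
        if rec.get("errorCode") not in (0, None, "", "0"):
            reasons.append("failed_call")
        if reasons:
            findings.append({"line": n, "principalId": principal, "eventName": event, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in review(SAMPLE_LOG.splitlines()):
        print(finding)
```

Check the field names against a record from your own bucket before relying on the output, since the layout used here is assumed.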

Setting up cross-account log delivery for group accounts

If you have multiple primary accounts on Tencent Cloud, you can use CloudAudit tracking sets to centrally track and view operation records. For detailed operations, see: Setting up cross-account log delivery for group accounts.