docs(audit-trail): add new product integration & supported endpoints (#4670)

Author: nerda-codes

macros/audit-trail/iam-endpoints.mdx

@@ -0,0 +1,43 @@
+---
+macro: adt-iam-endpoints
+---
+
+<Concept>
+  ## IAM
+
+  ### IAM supported endpoints
+
+    The following IAM endpoints are supported and will be logged in Audit Trail:
+
+    - CreateSSHKey (`POST /iam/v1alpha1/ssh-keys`)
+    - UpdateSSHKey (`PATCH /iam/v1alpha1/ssh-keys/{ssh_key_id}`)
+    - DeleteSSHKey (`DELETE /iam/v1alpha1/ssh-keys/{ssh_key_id}`)
+    - CreateGroup (`POST /iam/v1alpha1/groups`)
+    - UpdateGroup (`PATCH /iam/v1alpha1/groups/{group_id}`)
+    - DeleteGroup (`DELETE /iam/v1alpha1/groups/{group_id}`)
+    - AddGroupMember (`POST /iam/v1alpha1/groups/{group_id}/add-member`)
+    - AddGroupMembers (`POST /iam/v1alpha1/groups/{group_id}/add-members`)
+    - SetGroupMembers (`PUT /iam/v1alpha1/groups/{group_id}/members`)
+    - RemoveGroupMember (`POST /iam/v1alpha1/groups/{group_id}/remove-member`)
+    - CreateAPIKey (`POST /iam/v1alpha1/api-keys`)
+    - UpdateAPIKey (`PATCH /iam/v1alpha1/api-keys/{access_key}`)
+    - DeleteAPIKey (`DELETE /iam/v1alpha1/api-keys/{access_key}`)
+    - CreateUser (`POST /iam/v1alpha1/users`)
+    - UpdateUser (`PATCH /iam/v1alpha1/users/{user_id}`)
+    - DeleteUser (`DELETE /iam/v1alpha1/users/{user_id}`)
+    - LockMember (`POST /iam/v1alpha1/users/{user_id}/lock`)
+    - CreateMFAOTP (`POST /iam/v1alpha1/users/{user_id}/mfa-otp`)
+    - DeleteMFAOTP (`DELETE /iam/v1alpha1/users/{user_id}/mfa-otp`)
+    - UnlockMember (`POST /iam/v1alpha1/users/{user_id}/unlock`)
+    - UpdateUserPassword (`POST /iam/v1alpha1/users/{user_id}/update-password`)
+    - UpdateUserUsername (`POST /iam/v1alpha1/users/{user_id}/update-username`)
+    - ValidateMFAOTP (`POST /iam/v1alpha1/users/{user_id}/validate-mfa-otp`)
+    - CreateApplication (`POST /iam/v1alpha1/applications`)
+    - UpdateApplication (`PATCH /iam/v1alpha1/applications/{application_id}`)
+    - DeleteApplication (`DELETE /iam/v1alpha1/applications/{application_id}`)
+    - CreatePolicy (`POST /iam/v1alpha1/policies`)
+    - UpdatePolicy (`PATCH /iam/v1alpha1/policies/{policy_id}`)
+    - DeletePolicy (`DELETE /iam/v1alpha1/policies/{policy_id}`)
+    - ClonePolicy (`POST /iam/v1alpha1/policies/{policy_id}/clone`)
+    - SetRules (`PUT /iam/v1alpha1/rules`)
+</Concept>

macros/audit-trail/key-manager-endpoints.mdx

@@ -0,0 +1,22 @@
+---
+macro: adt-key-manager-endpoints
+---
+
+<Concept>
+  ## Key Manager
+
+  ### Key Manager supported endpoints
+
+    The following Key Manager endpoints are supported and will be logged in Audit Trail:
+
+    - CreateKey (`POST /key-manager/v1alpha1/regions/{region}/keys`)
+    - UpdateKey (`PATCH /key-manager/v1alpha1/regions/{region}/keys/{key_id}`)
+    - DeleteKey (`DELETE /key-manager/v1alpha1/regions/{region}/keys/{key_id}`)
+    - ProtectKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/protect`)
+    - UnprotectKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/unprotect`)
+    - RotateKey (Manual rotation) (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/rotate`)
+    - DisableKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/disable`)
+    - EnableKey (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/enable`)
+    - ImportKeyMaterial (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/import-key-material`)
+    - DeleteKeyMaterial (`POST /key-manager/v1alpha1/regions/{region}/keys/{key_id}/delete-key-material`)
+</Concept>

macros/audit-trail/kubernetes-endpoints.mdx

@@ -0,0 +1,33 @@
+---
+macro: adt-kubernetes-endpoints
+---
+
+<Concept>
+  ## Kubernetes
+
+  ### Kubernetes supported endpoints
+
+    The following Kubernetes endpoints are supported and will be logged in Audit Trail:
+
+    - Create a new cluster (`POST /k8s/v1/regions/{region}/clusters`)
+    - Update a cluster (`PATCH /k8s/v1/regions/{region}/clusters/{cluster_id}`)
+    - Delete a cluster (`DELETE /k8s/v1/regions/{region}/clusters/{cluster_id}`)
+    - Migrate a cluster to SBS CSI (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/migrate-to-sbs-csi`)
+    - Reset the admin token of a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/reset-admin-token`)
+    - Change the cluster type (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/set-type`)
+    - Upgrade a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/upgrade`)
+    - Create a new pool in a cluster (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/pools`)
+    - Update a pool in a cluster (`PATCH /k8s/v1/regions/{region}/pools/{pool_id}`)
+    - Delete a pool in a cluster (`DELETE /k8s/v1/regions/{region}/pools/{pool_id}`)
+    - Upgrade a pool in a cluster (`POST /k8s/v1/regions/{region}/pools/{pool_id}/upgrade`)
+    - Delete a node in a cluster (`DELETE /k8s/v1/regions/{region}/nodes/{node_id}`)
+    - Reboot a node in a cluster (`POST /k8s/v1/regions/{region}/nodes/{node_id}/reboot`)
+    - Create a Kosmos node (`POST /k8s/v1/regions/{region}/pools/{pool_id}/external-nodes`)
+    - Delete an existing ACL (`DELETE /k8s/v1/regions/{region}/acls/{acl_id}`)
+    - Add new ACLs (`POST /k8s/v1/regions/{region}/clusters/{cluster_id}/acls`)
+    - Set new ACLs (`PUT /k8s/v1/regions/{region}/clusters/{cluster_id}/acls`)
+
+  ### Additional information
+
+    IP addresses are not logged in Audit Trail for Kubernetes events due to security considerations.
+</Concept>

macros/audit-trail/secret-manager-endpoints.mdx

@@ -0,0 +1,23 @@
+---
+macro: adt-secret-manager-endpoints
+---
+
+<Concept>
+  ## Secret Manager
+
+  ### Secret Manager supported endpoints
+
+    The following Secret Manager endpoints are supported and will be logged in Audit Trail:
+
+    - Create a secret (`POST /secret-manager/v1beta1/regions/{region}/secrets`)
+    - Update metadata of a secret (`PATCH /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}`)
+    - Delete a secret (`DELETE /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}`)
+    - Allow a product to use the secret (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/add-owner`)
+    - Enable secret protection (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/protect`)
+    - Disable secret protection (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/unprotect`)
+    - Create a version (`/secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions`)
+    - Update metadata of a version (`PATCH /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}`)
+    - Delete a version (`DELETE /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}`)
+    - Disable a version (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}/disable`)
+    - Enable a version (`POST /secret-manager/v1beta1/regions/{region}/secrets/{secret_id}/versions/{revision}/disable`)
+</Concept>

menu/navigation.json

@@ -514,6 +514,10 @@
                   {
                     "label": "Audit Trail product integration",
                     "slug": "resource-integration-with-adt"
+                  },
+                  {
+                    "label": "Supported endpoints for Audit Trail",
+                    "slug": "adt-supported-endpoints"
                   }
                 ],
                 "label": "Additional Content",

pages/audit-trail/reference-content/adt-supported-endpoints.mdx

@@ -0,0 +1,28 @@
+---
+meta:
+  title: Supported endpoints for Audit Trail
+  description: Discover current Scaleway product integrations and endpoints supported in Audit Trail for event tracking.
+content:
+  h1: Supported endpoints for Audit Trail
+  paragraph: Discover current Scaleway product integrations and endpoints supported in Audit Trail for event tracking.
+tags: audit-trail product-integration products endpoints
+dates:
+  validation: 2025-03-27
+  posted: 2025-03-27
+categories:
+  - identity-and-access-management
+---
+
+This page provides information on the specific endpoints logged in [Audit Trail](/audit-trail/) for Scaleway products. Refer to the [dedicated documentation](/audit-trail/reference-content/resource-integration-with-adt/) for a list of Scaleway products integrated with Audit Trail.
+
+
+<Macro id="adt-iam-endpoints" />
+
+
+<Macro id="adt-key-manager-endpoints" />
+
+
+<Macro id="adt-kubernetes-endpoints" />
+
+
+<Macro id="adt-secret-manager-endpoints" />

pages/audit-trail/reference-content/resource-integration-with-adt.mdx

@@ -7,7 +7,7 @@ content:
   paragraph: Discover current and planned Scaleway product integrations with Audit Trail for event tracking.
 tags: audit-trail product-integration scaleway-resources
 dates:
-  validation: 2024-11-28
+  validation: 2025-03-27
   posted: 2024-11-28
 categories:
   - identity-and-access-management
@@ -17,19 +17,21 @@ The following table provides details about the Scaleway products that are integr
 
 ## Product integration available
 
-| **Product Name**           | **Audit Trail Integration**     |
-|----------------------------|---------------------------------|
-| Secret Manager             | **Integrated**                  |
+| **Product name**           | **Audit Trail integration**     | **Supported endpoints**                                                                                                                           |
+|----------------------------|---------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|
+| IAM                        | **Integrated**                  | Refer to the [dedicated documentation](/audit-trail/reference-content/adt-supported-endpoints/#iam) to find out which IAM endpoints are supported.|
+| Key Manager                | **Integrated**                  | Refer to the [dedicated documentation](/audit-trail/reference-content/adt-supported-endpoints/#key-manager) to find out which Key Manager endpoints are supported.|
+| Kubernetes                 | **Integrated**                  | Refer to the [dedicated documentation](/audit-trail/reference-content/adt-supported-endpoints/#kubernetes) to find out which Kubernetes endpoints are supported.|
+| Secret Manager             | **Integrated**                  | Refer to the [dedicated documentation](/audit-trail/reference-content/adt-supported-endpoints/#secret-manager) to find out which Secret Manager endpoints are supported.|
+
 
-## Planned product integration 
+## Planned product integration
 
 The following table provides details about the Scaleway products that will be integrated with Audit Trail.
 
 
-| **Product Name**           | **Audit Trail Integration**     |
+| **Product name**           | **Audit Trail integration**     |
 |----------------------------|---------------------------------|
-| Kubernetes                 | **Not integrated yet**                  |
-| IAM                        | **Not integrated yet**                     |
 | Object Storage             | **Not integrated yet**                     |
 | Billing                    | **Not integrated yet**                 |
 | Account                    | **Not integrated yet**                 |
@@ -49,7 +51,6 @@ The following table provides details about the Scaleway products that will be in
 | InterLink                  | **Not integrated yet**                   |
 | IoT Hub                    | **Not integrated yet**                 |
 | IPAM                       | **Not integrated yet**                   |
-| Key Manager                | **Not integrated yet**                   |
 | Labs                       | **Not integrated yet**                   |
 | Load Balancers             | **Not integrated yet**                 |
 | Managed Databases          | **Not integrated yet**                 |