To retrieve the audit logs for your subaccount using the Audit Log Viewer service, you need to have proper authorizations. See https://docs.cloudfoundry.org/concepts/roles.html#permissionsInformation, published on a non-SAP site.
-
Create a RoleCollection.
-
Search for roles with the name "Auditlog_Auditor" and select both entries with the following application identifiers:
- auditlog-management!b*
- auditlog-viewer!t*
-
Assign the role to a user or create a rule to assign it to users based on the SAML Assertion coming from the IDP.
Only account members with the Security Administrator role are authorized to edit application authorizations.
Related Information