Google Cloud services write audit logs that record administrative activities and accesses within your Google Cloud resources.
To view audit logs, you must have the appropriate IAM permissions and roles:
Enable data access logging for cloudsql:
> gcloud projects get-iam-policy myproject123 > /tmp/policy.yaml
# Append to policy.yaml
auditConfigs:
- auditLogConfigs:
- logType: DATA_READ
- logType: DATA_WRITE
service: cloudsql.googleapis.com
- exemptedMembers:
- 123456789123-compute@developer.gserviceaccount.com> gcloud projects set-iam-policy myproject123 /tmp/policy.yaml