Rename fields, fix ToDo's and linter issues

2026-02-16 12:51:44 +00:00 · 2024-08-01 07:50:48 +02:00 · 2024-08-01 07:50:48 +02:00 · db9440206f
commit db9440206f
parent fd8892aad8
15 changed files with 671 additions and 582 deletions
--- a/README.md
+++ b/README.md
@ -200,3 +200,4 @@ Python) will be extracted into separate repositories.
 - Clarify if `client.go` file can be used for licence / legal reasons  
 - Extraction of python / java configurations and code  
 - Clean up repo (delete main.go, etc. files)
 - Update dependencies
--- a/audit/api/api_common.go
+++ b/audit/api/api_common.go
@ -111,7 +111,7 @@ func validateAndSerializePartially(
 	}
 	routableEvent := auditV1.RoutableAuditEvent{
-		EventName:        event.ProtoPayload.MethodName,
+		OperationName:    event.ProtoPayload.OperationName,
 		ObjectIdentifier: routableIdentifier.ToObjectIdentifier(),
 		Visibility:       visibility,
 		Data:             &auditV1.RoutableAuditEvent_UnencryptedData{UnencryptedData: &payload},
--- a/audit/api/api_legacy.go
+++ b/audit/api/api_legacy.go
@ -5,7 +5,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
 	"github.com/google/uuid"
 	"net/url"
 	"time"
@ -138,18 +137,16 @@ func (a *LegacyAuditApi) ValidateAndSerializeWithTrace(
 	}
 	message := CloudEvent{
-		SpecVersion: "1.0",
+		SpecVersion:     "1.0",
-		Source:      event.ProtoPayload.ServiceName,
+		Source:          event.ProtoPayload.ServiceName,
-		// TODO what is the correct id?
+		Id:              event.InsertId,
 		Id:              uuid.NewString(),
 		Time:            event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(),
 		DataContentType: ContentTypeCloudEventsProtobuf,
 		DataType:        fmt.Sprintf("%v", routableEvent.ProtoReflect().Descriptor().FullName()),
-		// TODO check if this is correct
+		Subject:         event.ProtoPayload.ResourceName,
-		Subject:     event.ProtoPayload.ResourceName,
+		Data:            legacyBytes,
-		Data:        legacyBytes,
+		TraceParent:     traceParent,
-		TraceParent: traceParent,
+		TraceState:      traceState,
 		TraceState:  traceState,
 	}
 	return &message, nil
 }
@ -300,23 +297,23 @@ func (a *LegacyAuditApi) convertAndSerializeIntoLegacyFormat(
 	// Severity
 	var severity string
 	switch event.Severity {
-	case auditV1.LogSeverity_DEFAULT:
+	case auditV1.LogSeverity_LOG_SEVERITY_DEFAULT:
 		fallthrough
-	case auditV1.LogSeverity_DEBUG:
+	case auditV1.LogSeverity_LOG_SEVERITY_DEBUG:
 		fallthrough
-	case auditV1.LogSeverity_INFO:
+	case auditV1.LogSeverity_LOG_SEVERITY_INFO:
 		fallthrough
-	case auditV1.LogSeverity_NOTICE:
+	case auditV1.LogSeverity_LOG_SEVERITY_NOTICE:
 		fallthrough
-	case auditV1.LogSeverity_WARNING:
+	case auditV1.LogSeverity_LOG_SEVERITY_WARNING:
 		severity = "INFO"
-	case auditV1.LogSeverity_ERROR:
+	case auditV1.LogSeverity_LOG_SEVERITY_ERROR:
 		fallthrough
-	case auditV1.LogSeverity_CRITICAL:
+	case auditV1.LogSeverity_LOG_SEVERITY_CRITICAL:
 		fallthrough
-	case auditV1.LogSeverity_ALERT:
+	case auditV1.LogSeverity_LOG_SEVERITY_ALERT:
 		fallthrough
-	case auditV1.LogSeverity_EMERGENCY:
+	case auditV1.LogSeverity_LOG_SEVERITY_EMERGENCY:
 		severity = "ERROR"
 	default:
 		return nil, ErrUnsupportedSeverity
@ -328,7 +325,7 @@ func (a *LegacyAuditApi) convertAndSerializeIntoLegacyFormat(
 		Visibility:      visibility,
 		EventType:       eventType,
 		EventTimeStamp:  event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(),
-		EventName:       event.ProtoPayload.MethodName,
+		EventName:       event.ProtoPayload.OperationName,
 		SourceIpAddress: sourceIpAddress,
 		UserAgent:       userAgent,
 		Initiator: LegacyAuditEventPrincipal{
@ -338,12 +335,10 @@ func (a *LegacyAuditApi) convertAndSerializeIntoLegacyFormat(
 		ServiceAccountDelegationInfo: serviceAccountDelegationInfo,
 		Request:                      request,
 		Context:                      messageContext,
-		// TODO clarify
+		ResourceName:                 &event.ProtoPayload.ResourceName,
-		ResourceId:    &event.LogName,
+		CorrelationId:                event.CorrelationId,
-		ResourceName:  &event.ProtoPayload.ResourceName,
+		Result:                       &result,
-		CorrelationId: event.CorrelationId,
+		Details:                      &details,
 		Result:        &result,
 		Details:       &details,
 	}
 	bytes, err := json.Marshal(legacyAuditEvent)
--- a/audit/api/api_legacy_test.go
+++ b/audit/api/api_legacy_test.go
@ -330,7 +330,7 @@ func TestLegacyAuditApi(t *testing.T) {
 		var auditEvent LegacyAuditEvent
 		assert.NoError(t, json.Unmarshal(message.Data[0], &auditEvent))
-		assert.Equal(t, event.ProtoPayload.MethodName, auditEvent.EventName)
+		assert.Equal(t, event.ProtoPayload.OperationName, auditEvent.EventName)
 		assert.Equal(t, event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(), auditEvent.EventTimeStamp)
 		assert.Equal(t, event.ProtoPayload.AuthenticationInfo.PrincipalId, auditEvent.Initiator.Id)
 		assert.Equal(t, "SYSTEM_EVENT", auditEvent.EventType)
@ -400,29 +400,29 @@ func validateSentMessage(
 	var severity string
 	switch event.Severity {
-	case auditV1.LogSeverity_DEFAULT:
+	case auditV1.LogSeverity_LOG_SEVERITY_DEFAULT:
 		fallthrough
-	case auditV1.LogSeverity_DEBUG:
+	case auditV1.LogSeverity_LOG_SEVERITY_DEBUG:
 		fallthrough
-	case auditV1.LogSeverity_INFO:
+	case auditV1.LogSeverity_LOG_SEVERITY_INFO:
 		fallthrough
-	case auditV1.LogSeverity_NOTICE:
+	case auditV1.LogSeverity_LOG_SEVERITY_NOTICE:
 		fallthrough
-	case auditV1.LogSeverity_WARNING:
+	case auditV1.LogSeverity_LOG_SEVERITY_WARNING:
 		severity = "INFO"
-	case auditV1.LogSeverity_ERROR:
+	case auditV1.LogSeverity_LOG_SEVERITY_ERROR:
 		fallthrough
-	case auditV1.LogSeverity_CRITICAL:
+	case auditV1.LogSeverity_LOG_SEVERITY_CRITICAL:
 		fallthrough
-	case auditV1.LogSeverity_ALERT:
+	case auditV1.LogSeverity_LOG_SEVERITY_ALERT:
 		fallthrough
-	case auditV1.LogSeverity_EMERGENCY:
+	case auditV1.LogSeverity_LOG_SEVERITY_EMERGENCY:
 		severity = "ERROR"
 	default:
 		assert.Fail(t, "unknown log severity")
 	}
-	assert.Equal(t, event.ProtoPayload.MethodName, auditEvent.EventName)
+	assert.Equal(t, event.ProtoPayload.OperationName, auditEvent.EventName)
 	assert.Equal(t, event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(), auditEvent.EventTimeStamp)
 	assert.Equal(t, event.ProtoPayload.AuthenticationInfo.PrincipalId, auditEvent.Initiator.Id)
 	assert.Equal(t, "ADMIN_ACTIVITY", auditEvent.EventType)
@ -450,7 +450,7 @@ func validateSentMessageWithDetails(
 	var auditEvent LegacyAuditEvent
 	assert.NoError(t, json.Unmarshal(message.Data[0], &auditEvent))
-	assert.Equal(t, event.ProtoPayload.MethodName, auditEvent.EventName)
+	assert.Equal(t, event.ProtoPayload.OperationName, auditEvent.EventName)
 	assert.Equal(t, event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(), auditEvent.EventTimeStamp)
 	assert.Equal(t, event.ProtoPayload.AuthenticationInfo.PrincipalId, auditEvent.Initiator.Id)
 	assert.Equal(t, "ADMIN_ACTIVITY", auditEvent.EventType)
@ -552,7 +552,7 @@ func TestLegacyAuditApi_ConvertAndSerializeIntoLegacyFormatInvalidObjectIdentifi
 func TestLegacyAuditApi_ConvertAndSerializeIntoLegacyFormat_NoObjectIdentifier(t *testing.T) {
 	event, _ := NewProjectAuditEvent(nil)
 	routableEvent := auditV1.RoutableAuditEvent{
-		EventName:        event.ProtoPayload.MethodName,
+		OperationName:    event.ProtoPayload.OperationName,
 		Visibility:       auditV1.Visibility_VISIBILITY_PUBLIC,
 		ObjectIdentifier: nil,
 		Data:             nil,
--- a/audit/api/api_mock.go
+++ b/audit/api/api_mock.go
@ -3,7 +3,6 @@ package api
 import (
 	"context"
 	"fmt"
 	"github.com/google/uuid"
 	"google.golang.org/protobuf/proto"
 	auditV1 "dev.azure.com/schwarzit/schwarzit.stackit-core-platform/common-audit.git/gen/go/audit/v1"
@ -83,18 +82,16 @@ func (a *MockAuditApi) ValidateAndSerializeWithTrace(
 	}
 	message := CloudEvent{
-		SpecVersion: "1.0",
+		SpecVersion:     "1.0",
-		Source:      event.ProtoPayload.ServiceName,
+		Source:          event.ProtoPayload.ServiceName,
-		// TODO what is the correct id?
+		Id:              event.InsertId,
 		Id:              uuid.NewString(),
 		Time:            event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(),
 		DataContentType: "application/cloudevents+protobuf",
 		DataType:        fmt.Sprintf("%v", routableEvent.ProtoReflect().Descriptor().FullName()),
-		// TODO check if this is correct
+		Subject:         event.ProtoPayload.ResourceName,
-		Subject:     event.ProtoPayload.ResourceName,
+		Data:            routableEventBytes,
-		Data:        routableEventBytes,
+		TraceParent:     traceParent,
-		TraceParent: traceParent,
+		TraceState:      traceState,
 		TraceState:  traceState,
 	}
 	return &message, nil
--- a/audit/api/api_mock_test.go
+++ b/audit/api/api_mock_test.go
@ -32,7 +32,7 @@ func TestMockAuditApi_Log(t *testing.T) {
 		assert.NoError(t, err)
 		validateRoutableEventPayload(
-			t, cloudEvent.Data, objectIdentifier, event, event.ProtoPayload.MethodName, visibility)
+			t, cloudEvent.Data, objectIdentifier, event, event.ProtoPayload.OperationName, visibility)
 	})
 	t.Run("ValidateAndSerialize event nil", func(t *testing.T) {
--- a/audit/api/api_routable.go
+++ b/audit/api/api_routable.go
@ -4,7 +4,6 @@ import (
 	"context"
 	"errors"
 	"fmt"
 	"github.com/google/uuid"
 	"google.golang.org/protobuf/proto"
 	"dev.azure.com/schwarzit/schwarzit.stackit-core-platform/common-audit.git/audit/messaging"
@ -165,18 +164,16 @@ func (a *routableAuditApi) ValidateAndSerializeWithTrace(
 	}
 	message := CloudEvent{
-		SpecVersion: "1.0",
+		SpecVersion:     "1.0",
-		Source:      event.ProtoPayload.ServiceName,
+		Source:          event.ProtoPayload.ServiceName,
-		// TODO what is the correct id?
+		Id:              event.InsertId,
 		Id:              uuid.NewString(),
 		Time:            event.ProtoPayload.RequestMetadata.RequestAttributes.Time.AsTime(),
 		DataContentType: ContentTypeCloudEventsProtobuf,
 		DataType:        fmt.Sprintf("%v", routableEvent.ProtoReflect().Descriptor().FullName()),
-		// TODO check if this is correct
+		Subject:         event.ProtoPayload.ResourceName,
-		Subject:     event.ProtoPayload.ResourceName,
+		Data:            routableEventBytes,
-		Data:        routableEventBytes,
+		TraceParent:     traceParent,
-		TraceParent: traceParent,
+		TraceState:      traceState,
 		TraceState:  traceState,
 	}
 	return &message, nil
--- a/audit/api/api_routable_test.go
+++ b/audit/api/api_routable_test.go
@ -389,7 +389,7 @@ func validateSentEvent(
 	message *amqp.Message,
 	objectIdentifier *auditV1.ObjectIdentifier,
 	event *auditV1.AuditLogEntry,
-	eventName string,
+	operationName string,
 	visibility auditV1.Visibility,
 	traceParent *string,
 	traceState *string,
@ -414,7 +414,7 @@ func validateSentEvent(
 	// Check deserialized message
 	validateRoutableEventPayload(
-		t, message.Data[0], objectIdentifier, event, eventName, visibility)
+		t, message.Data[0], objectIdentifier, event, operationName, visibility)
 }
 func validateRoutableEventPayload(
@ -422,7 +422,7 @@ func validateRoutableEventPayload(
 	payload []byte,
 	objectIdentifier *auditV1.ObjectIdentifier,
 	event *auditV1.AuditLogEntry,
-	eventName string,
+	operationName string,
 	visibility auditV1.Visibility,
 ) {
@ -430,7 +430,7 @@ func validateRoutableEventPayload(
 	var routableAuditEvent auditV1.RoutableAuditEvent
 	assert.NoError(t, proto.Unmarshal(payload, &routableAuditEvent))
-	assert.Equal(t, eventName, routableAuditEvent.EventName)
+	assert.Equal(t, operationName, routableAuditEvent.OperationName)
 	assert.Equal(t, visibility, routableAuditEvent.Visibility)
 	assert.True(t, proto.Equal(objectIdentifier, routableAuditEvent.ObjectIdentifier))
--- a/audit/api/test_data.go
+++ b/audit/api/test_data.go
@ -36,9 +36,9 @@ func NewOrganizationAuditEvent(
 	auditEvent := &auditV1.AuditLogEntry{
 		LogName: fmt.Sprintf("%s/%s/logs/%s", PluralTypeOrganization, identifier, EventTypeAdminActivity),
 		ProtoPayload: &auditV1.AuditLog{
-			ServiceName:  "resource-manager",
+			ServiceName:   "resource-manager",
-			MethodName:   "stackit.resourcemanager.v2.organization.created",
+			OperationName: "stackit.resourcemanager.v2.organization.created",
-			ResourceName: fmt.Sprintf("%s/%s", PluralTypeOrganization, identifier),
+			ResourceName:  fmt.Sprintf("%s/%s", PluralTypeOrganization, identifier),
 			AuthenticationInfo: &auditV1.AuthenticationInfo{
 				PrincipalId:                  uuid.NewString(),
 				PrincipalEmail:               "user@example.com",
@ -55,7 +55,7 @@ func NewOrganizationAuditEvent(
 				CallerSuppliedUserAgent: "OpenAPI-Generator/ 1.0.0/ go",
 				RequestAttributes: &auditV1.AttributeContext_Request{
 					Id:       &requestId,
-					Method:   "POST",
+					Method:   auditV1.AttributeContext_HTTP_METHOD_POST,
 					Headers:  headers,
 					Path:     "/v2/organizations",
 					Host:     "stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud",
@ -84,7 +84,7 @@ func NewOrganizationAuditEvent(
 		Labels:        labels,
 		CorrelationId: &correlationId,
 		Timestamp:     timestamppb.New(time.Now()),
-		Severity:      auditV1.LogSeverity_DEFAULT,
+		Severity:      auditV1.LogSeverity_LOG_SEVERITY_DEFAULT,
 		TraceParent:   nil,
 		TraceState:    nil,
 	}
@ -125,9 +125,9 @@ func NewFolderAuditEvent(
 	auditEvent := &auditV1.AuditLogEntry{
 		LogName: fmt.Sprintf("%s/%s/logs/%s", PluralTypeFolder, identifier, EventTypeAdminActivity),
 		ProtoPayload: &auditV1.AuditLog{
-			ServiceName:  "resource-manager",
+			ServiceName:   "resource-manager",
-			MethodName:   "stackit.resourcemanager.v2.folder.created",
+			OperationName: "stackit.resourcemanager.v2.folder.created",
-			ResourceName: fmt.Sprintf("%s/%s", PluralTypeFolder, identifier),
+			ResourceName:  fmt.Sprintf("%s/%s", PluralTypeFolder, identifier),
 			AuthenticationInfo: &auditV1.AuthenticationInfo{
 				PrincipalId:                  uuid.NewString(),
 				PrincipalEmail:               "user@example.com",
@ -144,7 +144,7 @@ func NewFolderAuditEvent(
 				CallerSuppliedUserAgent: "OpenAPI-Generator/ 1.0.0/ go",
 				RequestAttributes: &auditV1.AttributeContext_Request{
 					Id:       &requestId,
-					Method:   "POST",
+					Method:   auditV1.AttributeContext_HTTP_METHOD_POST,
 					Headers:  headers,
 					Path:     "/v2/folders",
 					Host:     "stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud",
@ -173,7 +173,7 @@ func NewFolderAuditEvent(
 		Labels:        labels,
 		CorrelationId: &correlationId,
 		Timestamp:     timestamppb.New(time.Now()),
-		Severity:      auditV1.LogSeverity_DEFAULT,
+		Severity:      auditV1.LogSeverity_LOG_SEVERITY_DEFAULT,
 		TraceParent:   nil,
 		TraceState:    nil,
 	}
@ -214,9 +214,9 @@ func NewProjectAuditEvent(
 	auditEvent := &auditV1.AuditLogEntry{
 		LogName: fmt.Sprintf("%s/%s/logs/%s", PluralTypeProject, identifier, EventTypeAdminActivity),
 		ProtoPayload: &auditV1.AuditLog{
-			ServiceName:  "resource-manager",
+			ServiceName:   "resource-manager",
-			MethodName:   "stackit.resourcemanager.v2.project.created",
+			OperationName: "stackit.resourcemanager.v2.project.created",
-			ResourceName: fmt.Sprintf("%s/%s", PluralTypeProject, identifier),
+			ResourceName:  fmt.Sprintf("%s/%s", PluralTypeProject, identifier),
 			AuthenticationInfo: &auditV1.AuthenticationInfo{
 				PrincipalId:                  uuid.NewString(),
 				PrincipalEmail:               "user@example.com",
@ -233,7 +233,7 @@ func NewProjectAuditEvent(
 				CallerSuppliedUserAgent: "OpenAPI-Generator/ 1.0.0/ go",
 				RequestAttributes: &auditV1.AttributeContext_Request{
 					Id:       &requestId,
-					Method:   "POST",
+					Method:   auditV1.AttributeContext_HTTP_METHOD_POST,
 					Headers:  headers,
 					Path:     "/v2/projects",
 					Host:     "stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud",
@ -262,7 +262,7 @@ func NewProjectAuditEvent(
 		Labels:        labels,
 		CorrelationId: &correlationId,
 		Timestamp:     timestamppb.New(time.Now()),
-		Severity:      auditV1.LogSeverity_DEFAULT,
+		Severity:      auditV1.LogSeverity_LOG_SEVERITY_DEFAULT,
 		TraceParent:   nil,
 		TraceState:    nil,
 	}
@ -298,9 +298,9 @@ func NewSystemAuditEvent(
 	auditEvent := &auditV1.AuditLogEntry{
 		LogName: fmt.Sprintf("%s/%s/logs/%s", PluralTypeSystem, identifier, EventTypeSystemEvent),
 		ProtoPayload: &auditV1.AuditLog{
-			ServiceName:  "resource-manager",
+			ServiceName:   "resource-manager",
-			MethodName:   "stackit.resourcemanager.v2.system.changed",
+			OperationName: "stackit.resourcemanager.v2.system.changed",
-			ResourceName: fmt.Sprintf("%s/%s", PluralTypeSystem, identifier),
+			ResourceName:  fmt.Sprintf("%s/%s", PluralTypeSystem, identifier),
 			AuthenticationInfo: &auditV1.AuthenticationInfo{
 				PrincipalId:                  serviceAccountId,
 				PrincipalEmail:               "service-account@sa.stackit.cloud",
@ -317,7 +317,7 @@ func NewSystemAuditEvent(
 				CallerSuppliedUserAgent: "OpenAPI-Generator/ 1.0.0/ go",
 				RequestAttributes: &auditV1.AttributeContext_Request{
 					Id:       &requestId,
-					Method:   "POST",
+					Method:   auditV1.AttributeContext_HTTP_METHOD_POST,
 					Headers:  headers,
 					Path:     "/v2/projects",
 					Host:     "stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud",
@ -346,7 +346,7 @@ func NewSystemAuditEvent(
 		Labels:        labels,
 		CorrelationId: &correlationId,
 		Timestamp:     timestamppb.New(time.Now()),
-		Severity:      auditV1.LogSeverity_DEFAULT,
+		Severity:      auditV1.LogSeverity_LOG_SEVERITY_DEFAULT,
 		TraceParent:   nil,
 		TraceState:    nil,
 	}
--- a/gen/go/audit/v1/audit_event.pb.go
+++ b/gen/go/audit/v1/audit_event.pb.go
--- a/gen/go/audit/v1/audit_event.pb.validate.go
+++ b/gen/go/audit/v1/audit_event.pb.validate.go
@ -237,7 +237,7 @@ func (m *AuditLog) validate(all bool) error {
 	// no validation rules for ServiceName
-	// no validation rules for MethodName
+	// no validation rules for OperationName
 	// no validation rules for ResourceName
--- a/gen/go/audit/v1/routable_event.pb.go
+++ b/gen/go/audit/v1/routable_event.pb.go
@ -269,17 +269,16 @@ type RoutableAuditEvent struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 	// TODO rename to operation_name (equivalent to AuditLog.method_name)
 	// Functional event name with pattern
 	//
 	// Format: stackit.<product>.<version>.<type>.<operation>
 	//
 	// Examples:
 	//
-	//	"stackit.resourcemanager.v1.organization.created"
+	//	"stackit.resource-manager.v1.organization.created"
 	//	"stackit.authorization.v2.organization.moved"
 	//	"stackit.authorization.v2.folder.moved"
-	EventName string `protobuf:"bytes,1,opt,name=event_name,json=eventName,proto3" json:"event_name,omitempty"`
+	OperationName string `protobuf:"bytes,1,opt,name=operation_name,json=operationName,proto3" json:"operation_name,omitempty"`
 	// Visibility relevant for differentiating between internal and public events
 	Visibility Visibility `protobuf:"varint,2,opt,name=visibility,proto3,enum=audit.v1.Visibility" json:"visibility,omitempty"`
 	// Identifier the audit log event refers to.
@ -327,9 +326,9 @@ func (*RoutableAuditEvent) Descriptor() ([]byte, []int) {
 	return file_audit_v1_routable_event_proto_rawDescGZIP(), []int{3}
 }
-func (x *RoutableAuditEvent) GetEventName() string {
+func (x *RoutableAuditEvent) GetOperationName() string {
 	if x != nil {
-		return x.EventName
+		return x.OperationName
 	}
 	return ""
 }
@ -417,48 +416,48 @@ var file_audit_v1_routable_event_proto_rawDesc = []byte{
 	0x74, 0x61, 0x12, 0x2f, 0x0a, 0x0d, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x5f, 0x74,
 	0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x42, 0x0a, 0xba, 0x48, 0x07, 0xc8, 0x01,
 	0x01, 0x72, 0x02, 0x10, 0x01, 0x52, 0x0c, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x54,
-	0x79, 0x70, 0x65, 0x22, 0xa4, 0x03, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65,
+	0x79, 0x70, 0x65, 0x22, 0xaf, 0x03, 0x0a, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65,
-	0x41, 0x75, 0x64, 0x69, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x61, 0x0a, 0x0a, 0x65, 0x76,
+	0x41, 0x75, 0x64, 0x69, 0x74, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x12, 0x6c, 0x0a, 0x0e, 0x6f, 0x70,
-	0x65, 0x6e, 0x74, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x42, 0x42,
+	0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01,
-	0xba, 0x48, 0x3f, 0xc8, 0x01, 0x01, 0x72, 0x3a, 0x32, 0x38, 0x5e, 0x73, 0x74, 0x61, 0x63, 0x6b,
+	0x28, 0x09, 0x42, 0x45, 0xba, 0x48, 0x42, 0xc8, 0x01, 0x01, 0x72, 0x3d, 0x32, 0x3b, 0x5e, 0x73,
-	0x69, 0x74, 0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a, 0x30, 0x2d, 0x39, 0x5d, 0x2b, 0x5c, 0x2e, 0x76,
+	0x74, 0x61, 0x63, 0x6b, 0x69, 0x74, 0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a, 0x30, 0x2d, 0x39, 0x2d,
-	0x5b, 0x31, 0x2d, 0x39, 0x5d, 0x5b, 0x30, 0x2d, 0x39, 0x5d, 0x2a, 0x5c, 0x2e, 0x5b, 0x61, 0x2d,
+	0x5d, 0x2b, 0x5c, 0x2e, 0x76, 0x5b, 0x31, 0x2d, 0x39, 0x5d, 0x5b, 0x30, 0x2d, 0x39, 0x5d, 0x2a,
-	0x7a, 0x30, 0x2d, 0x39, 0x5d, 0x2b, 0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a, 0x30, 0x2d, 0x39, 0x5d,
+	0x5c, 0x2e, 0x5b, 0x61, 0x2d, 0x7a, 0x30, 0x2d, 0x39, 0x2d, 0x5d, 0x2b, 0x5c, 0x2e, 0x5b, 0x61,
-	0x2b, 0x24, 0x52, 0x09, 0x65, 0x76, 0x65, 0x6e, 0x74, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a,
+	0x2d, 0x7a, 0x30, 0x2d, 0x39, 0x2d, 0x5d, 0x2b, 0x24, 0x52, 0x0d, 0x6f, 0x70, 0x65, 0x72, 0x61,
-	0x0a, 0x76, 0x69, 0x73, 0x69, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x74, 0x69, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x41, 0x0a, 0x0a, 0x76, 0x69, 0x73, 0x69,
-	0x0e, 0x32, 0x14, 0x2e, 0x61, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x69, 0x73,
+	0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x14, 0x2e, 0x61,
-	0x69, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82,
+	0x75, 0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x56, 0x69, 0x73, 0x69, 0x62, 0x69, 0x6c, 0x69,
-	0x01, 0x02, 0x10, 0x01, 0x52, 0x0a, 0x76, 0x69, 0x73, 0x69, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79,
+	0x74, 0x79, 0x42, 0x0b, 0xba, 0x48, 0x08, 0xc8, 0x01, 0x01, 0x82, 0x01, 0x02, 0x10, 0x01, 0x52,
-	0x12, 0x4f, 0x0a, 0x11, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74,
+	0x0a, 0x76, 0x69, 0x73, 0x69, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x4f, 0x0a, 0x11, 0x6f,
-	0x69, 0x66, 0x69, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x61, 0x75,
+	0x62, 0x6a, 0x65, 0x63, 0x74, 0x5f, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72,
-	0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, 0x65,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x61, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x76,
-	0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52,
+	0x31, 0x2e, 0x4f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69,
-	0x10, 0x6f, 0x62, 0x6a, 0x65, 0x63, 0x74, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65,
+	0x65, 0x72, 0x42, 0x06, 0xba, 0x48, 0x03, 0xc8, 0x01, 0x01, 0x52, 0x10, 0x6f, 0x62, 0x6a, 0x65,
-	0x72, 0x12, 0x46, 0x0a, 0x10, 0x75, 0x6e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64,
+	0x63, 0x74, 0x49, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x12, 0x46, 0x0a, 0x10,
-	0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75,
+	0x75, 0x6e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61,
-	0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x55, 0x6e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x61, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x76,
-	0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x48, 0x00, 0x52, 0x0f, 0x75, 0x6e, 0x65, 0x6e, 0x63, 0x72,
+	0x31, 0x2e, 0x55, 0x6e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74,
-	0x79, 0x70, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x12, 0x40, 0x0a, 0x0e, 0x65, 0x6e, 0x63,
+	0x61, 0x48, 0x00, 0x52, 0x0f, 0x75, 0x6e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64,
-	0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28,
+	0x44, 0x61, 0x74, 0x61, 0x12, 0x40, 0x0a, 0x0e, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65,
-	0x0b, 0x32, 0x17, 0x2e, 0x61, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x63,
+	0x64, 0x5f, 0x64, 0x61, 0x74, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x61,
-	0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x48, 0x00, 0x52, 0x0d, 0x65, 0x6e,
+	0x75, 0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x2e, 0x45, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74, 0x65,
-	0x63, 0x72, 0x79, 0x70, 0x74, 0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x42, 0x0d, 0x0a, 0x04, 0x64,
+	0x64, 0x44, 0x61, 0x74, 0x61, 0x48, 0x00, 0x52, 0x0d, 0x65, 0x6e, 0x63, 0x72, 0x79, 0x70, 0x74,
-	0x61, 0x74, 0x61, 0x12, 0x05, 0xba, 0x48, 0x02, 0x08, 0x01, 0x2a, 0x57, 0x0a, 0x0a, 0x56, 0x69,
+	0x65, 0x64, 0x44, 0x61, 0x74, 0x61, 0x42, 0x0d, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x12, 0x05,
-	0x73, 0x69, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x1a, 0x0a, 0x16, 0x56, 0x49, 0x53, 0x49,
+	0xba, 0x48, 0x02, 0x08, 0x01, 0x2a, 0x57, 0x0a, 0x0a, 0x56, 0x69, 0x73, 0x69, 0x62, 0x69, 0x6c,
-	0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49,
+	0x69, 0x74, 0x79, 0x12, 0x1a, 0x0a, 0x16, 0x56, 0x49, 0x53, 0x49, 0x42, 0x49, 0x4c, 0x49, 0x54,
-	0x45, 0x44, 0x10, 0x00, 0x12, 0x15, 0x0a, 0x11, 0x56, 0x49, 0x53, 0x49, 0x42, 0x49, 0x4c, 0x49,
+	0x59, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12,
-	0x54, 0x59, 0x5f, 0x50, 0x55, 0x42, 0x4c, 0x49, 0x43, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x56,
+	0x15, 0x0a, 0x11, 0x56, 0x49, 0x53, 0x49, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x50, 0x55,
-	0x49, 0x53, 0x49, 0x42, 0x49, 0x4c, 0x49, 0x54, 0x59, 0x5f, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54,
+	0x42, 0x4c, 0x49, 0x43, 0x10, 0x01, 0x12, 0x16, 0x0a, 0x12, 0x56, 0x49, 0x53, 0x49, 0x42, 0x49,
-	0x45, 0x10, 0x02, 0x42, 0x84, 0x01, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x73, 0x63, 0x68, 0x77,
+	0x4c, 0x49, 0x54, 0x59, 0x5f, 0x50, 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x10, 0x02, 0x42, 0x84,
-	0x61, 0x72, 0x7a, 0x2e, 0x73, 0x74, 0x61, 0x63, 0x6b, 0x69, 0x74, 0x2e, 0x61, 0x75, 0x64, 0x69,
+	0x01, 0x0a, 0x1c, 0x63, 0x6f, 0x6d, 0x2e, 0x73, 0x63, 0x68, 0x77, 0x61, 0x72, 0x7a, 0x2e, 0x73,
-	0x74, 0x2e, 0x76, 0x31, 0x42, 0x12, 0x52, 0x6f, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x45, 0x76,
+	0x74, 0x61, 0x63, 0x6b, 0x69, 0x74, 0x2e, 0x61, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x76, 0x31, 0x42,
-	0x65, 0x6e, 0x74, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x0f, 0x2e, 0x2f, 0x61, 0x75,
+	0x12, 0x52, 0x6f, 0x75, 0x74, 0x61, 0x62, 0x6c, 0x65, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x50, 0x72,
-	0x64, 0x69, 0x74, 0x3b, 0x61, 0x75, 0x64, 0x69, 0x74, 0x56, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58,
+	0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x0f, 0x2e, 0x2f, 0x61, 0x75, 0x64, 0x69, 0x74, 0x3b, 0x61,
-	0x58, 0xaa, 0x02, 0x08, 0x41, 0x75, 0x64, 0x69, 0x74, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x08, 0x41,
+	0x75, 0x64, 0x69, 0x74, 0x56, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x58, 0x58, 0xaa, 0x02, 0x08, 0x41,
-	0x75, 0x64, 0x69, 0x74, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x14, 0x41, 0x75, 0x64, 0x69, 0x74, 0x5c,
+	0x75, 0x64, 0x69, 0x74, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x08, 0x41, 0x75, 0x64, 0x69, 0x74, 0x5c,
-	0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02,
+	0x56, 0x31, 0xe2, 0x02, 0x14, 0x41, 0x75, 0x64, 0x69, 0x74, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50,
-	0x09, 0x41, 0x75, 0x64, 0x69, 0x74, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74,
+	0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x09, 0x41, 0x75, 0x64, 0x69,
-	0x6f, 0x33,
+	0x74, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 var (
--- a/gen/go/audit/v1/routable_event.pb.validate.go
+++ b/gen/go/audit/v1/routable_event.pb.validate.go
@ -373,7 +373,7 @@ func (m *RoutableAuditEvent) validate(all bool) error {
 	var errors []error
-	// no validation rules for EventName
+	// no validation rules for OperationName
 	// no validation rules for Visibility
--- a/proto/audit/v1/audit_event.proto
+++ b/proto/audit/v1/audit_event.proto
@ -1,7 +1,6 @@
 syntax = "proto3";
 import "buf/validate/validate.proto";
 import "google/protobuf/any.proto";
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
 import "google/protobuf/wrappers.proto";
@ -53,23 +52,24 @@ message AuditLogEntry {
  //   Sequence-Number: Increasing number, representing the message offset per Worker-Id
  //                    If the Worker-Id changes, the sequence-number has to be reset to 0.
  //
  // NOTE: The ID will be masked by the SDK, applying the XOR Operation to not leak internal
  //       information to the customer
  //
  // Examples:
  // 	 "1721899117/eu01/319a7fb9-edd2-46c6-953a-a724bb377c61/8792726390909855142"
  //
  // Required: true
  // TODO XOR
  string insert_id = 3[
    (buf.validate.field).required = true,
    // TODO how do worker ids look like?
    (buf.validate.field).string.pattern = "^[0-9]+/[a-z0-9]+/[a-z0-9-]+/[0-9]+$"
  ];
  // A set of user-defined (key, value) data that provides additional
  // information about the log entry.
  //
-  // Required: true
+  // Required: false
-  map<string, string> labels = 4 [
+  map<string, string> labels = 4;
    (buf.validate.field).required = true
  ];
  // Correlate multiple audit logs by setting the same id
  //
@ -125,36 +125,35 @@ message AuditLogEntry {
 // standard severity levels listed below.
 enum LogSeverity {
-  UNSPECIFIED = 0;
+  LOG_SEVERITY_UNSPECIFIED = 0;
  // (1) The log entry has no assigned severity level.
-  // TODO check index
+  LOG_SEVERITY_DEFAULT = 100;
  DEFAULT = 1;
  // (100) Debug or trace information.
-  DEBUG = 100;
+  LOG_SEVERITY_DEBUG = 200;
  // (200) Routine information, such as ongoing status or performance.
-  INFO = 200;
+  LOG_SEVERITY_INFO = 300;
  // (300) Normal but significant events, such as start up, shut down, or
  // a configuration change.
-  NOTICE = 300;
+  LOG_SEVERITY_NOTICE = 400;
  // (400) Warning events might cause problems.
-  WARNING = 400;
+  LOG_SEVERITY_WARNING = 500;
  // (500) Error events are likely to cause problems.
-  ERROR = 500;
+  LOG_SEVERITY_ERROR = 600;
  // (600) Critical events cause more severe problems or outages.
-  CRITICAL = 600;
+  LOG_SEVERITY_CRITICAL = 700;
  // (700) A person must take an action immediately.
-  ALERT = 700;
+  LOG_SEVERITY_ALERT = 800;
  // (800) One or more systems are unusable.
-  EMERGENCY = 800;
+  LOG_SEVERITY_EMERGENCY = 900;
 }
 // Common audit log format for STACKIT API operations.
@ -171,7 +170,6 @@ message AuditLog {
    (buf.validate.field).string.min_len = 1
  ];
  // TODO rename into operation_name?
  // The name of the service method or operation.
  //
  // Format: stackit.<product>.<version>.<singularType>.<operation>
@ -187,7 +185,7 @@ message AuditLog {
  //   "stackit.authorization.v2.folder.moved"
  //
  // Required: true
-  string method_name = 2 [
+  string operation_name = 2 [
    (buf.validate.field).required = true,
    (buf.validate.field).string.pattern = "^stackit\\.[a-z0-9-]+\\.v[1-9][0-9]*\\.[a-z0-9-]+\\.[a-z0-9-]+$"
  ];
@ -377,9 +375,10 @@ message AttributeContext {
    // Format: <sub-claim>/<iss-claim>
    // Where:
    //   Sub-Claim: Sub-Claim from JWT with `/` percent-encoded (url-encoded)
    //   Issuer-Claim: Iss-Claim from JWT with `/` percent-encoded (url-encoded)
    //
    // Examples:
-    //   "https%3A%2F%2Faccounts.dev.stackit.cloud/stackit-resource-manager-dev"
+    //   "stackit-resource-manager-dev/https%3A%2F%2Faccounts.dev.stackit.cloud"
    //
    // Required: true
    string principal = 1 [
@ -392,7 +391,7 @@ message AttributeContext {
    // to receive the credential.
    //
    // Examples:
-    //   ["https://stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud", "stackit", "api"]
+    //   ["stackit-resource-manager-dev", "stackit", "api"]
    //
    // Required: false
    repeated string audiences = 2;
@ -400,22 +399,15 @@ message AttributeContext {
    // Structured claims presented with the credential. JWTs include
    // {"key": <value>} pairs for standard and private claims.
    //
-    // The following is a subset of the standard required and optional claims that would
+    // The following is a subset of the standard required and optional claims that should
-    // typically be presented for a STACKIT JWT:
+    // typically be presented for a STACKIT JWT.
    // Don't add other claims to not leak internal or personal information:
    //
    //   {
-    //     "aud": "https://stackit-resource-manager-dev.apps.01.cf.eu01.stackit.cloud",
+    //     "aud": "stackit-resource-manager-dev",
    //     "email": "max@mail.schwarz",
    //     "exp": 1721905449,
    //     "iat": 1721901849,
    //     "iss": "https://api.dev.stackit.cloud",
-    //     "jti": "45a196e0-480f-4c34-a592-dc5db81c8c3a",
+    //     "jti": "45a196e0-480f-4c34-a592-dc5db81c8c3a"
    //     "nbf": 1721900462,
    //     "roles": null,
    //     "sub": "cd94f01a-df2e-4456-902f-48f5e57f0b63",
    //     "user_id": "",
    //     "x_client_id": "",
    //     "zid": ""
    //   }
    //
    // Required: true
@ -424,6 +416,19 @@ message AttributeContext {
    ];
  }
  enum HttpMethod {
    HTTP_METHOD_UNSPECIFIED = 0;
    HTTP_METHOD_GET = 1;
    HTTP_METHOD_HEAD = 2;
    HTTP_METHOD_POST = 3;
    HTTP_METHOD_PUT = 4;
    HTTP_METHOD_DELETE = 5;
    HTTP_METHOD_CONNECT = 6;
    HTTP_METHOD_OPTIONS = 7;
    HTTP_METHOD_TRACE = 8;
    HTTP_METHOD_PATCH = 9;
  }
  // This message defines attributes for an HTTP request. If the actual
  // request is not an HTTP request, the runtime system should try to map
  // the actual request to an equivalent HTTP request.
@ -448,16 +453,19 @@ message AttributeContext {
    // The HTTP request method, such as `GET`, `POST`.
    //
    // Required: true
-    // TODO does it make sense to define an enum?
+    HttpMethod method = 2 [
    string method = 2 [
      (buf.validate.field).required = true,
-      (buf.validate.field).string.min_len = 1
+      (buf.validate.field).enum.defined_only = true
    ];
    // The HTTP request headers. If multiple headers share the same key, they
    // must be merged according to the HTTP spec. All header keys must be
    // lowercased, because HTTP header keys are case-insensitive.
    //
    // Internal IP-Addresses have to be removed (e.g. in x-forwarded-xxx headers).
    //
    // TODO specify whitelist
    //
    // Required: true
    map<string, string> headers = 3 [
      (buf.validate.field).required = true
@ -525,7 +533,6 @@ message AttributeContext {
  // This message defines attributes for a typical network response. It
  // generally models semantics of an HTTP response.
  // TODO do we need another status code attribute in the Response?
  message Response {
    // The HTTP response size in bytes.
@ -660,7 +667,7 @@ message ServiceAccountDelegationInfo {
  // Entity that creates credentials for service account and assumes its
  // identity for authentication.
-  oneof Authority {
+  oneof authority {
    option (buf.validate.oneof).required = true;
    // System identity
--- a/proto/audit/v1/routable_event.proto
+++ b/proto/audit/v1/routable_event.proto
@ -51,18 +51,17 @@ message UnencryptedData {
 message RoutableAuditEvent {
  // TODO rename to operation_name (equivalent to AuditLog.method_name)
  // Functional event name with pattern
  //
  // Format: stackit.<product>.<version>.<type>.<operation>
  //
  // Examples:
-  //   "stackit.resourcemanager.v1.organization.created"
+  //   "stackit.resource-manager.v1.organization.created"
  //   "stackit.authorization.v2.organization.moved"
  //   "stackit.authorization.v2.folder.moved"
-  string event_name = 1 [
+  string operation_name = 1 [
    (buf.validate.field).required = true,
-    (buf.validate.field).string.pattern = "^stackit\\.[a-z0-9]+\\.v[1-9][0-9]*\\.[a-z0-9]+\\.[a-z0-9]+$"
+    (buf.validate.field).string.pattern = "^stackit\\.[a-z0-9-]+\\.v[1-9][0-9]*\\.[a-z0-9-]+\\.[a-z0-9-]+$"
  ];
  // Visibility relevant for differentiating between internal and public events