Skip to content

Include metadata in audit log for API key events #88642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
Jul 22, 2022

Conversation

n1v0lg
Copy link
Contributor

@n1v0lg n1v0lg commented Jul 20, 2022

This PR adds audit logging for API key metadata, when an API key is
created, granted, or updated.

@n1v0lg n1v0lg added >non-issue :Security/Audit X-Pack Audit logging labels Jul 20, 2022
@n1v0lg n1v0lg self-assigned this Jul 20, 2022
@n1v0lg
Copy link
Contributor Author

n1v0lg commented Jul 20, 2022

I can make the same change for create_apikey in a separate PR (it's a distinct change that requires a changelog entry) -- I'm assuming we are not concerned with JSON building for the metadata potentially failing.

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Jul 20, 2022

@elasticmachine run elasticsearch-ci/part-2

@n1v0lg n1v0lg marked this pull request as ready for review July 20, 2022 13:35
@elasticsearchmachine elasticsearchmachine added the Team:Security Meta label for security team label Jul 20, 2022
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@n1v0lg n1v0lg requested a review from ywangd July 20, 2022 14:01
@ywangd
Copy link
Member

ywangd commented Jul 21, 2022

Can we also audit the metadata when creating/granting API keys as part of this PR? I think they are closely related.

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Jul 21, 2022

@ywangd sure thing.

@elasticsearchmachine
Copy link
Collaborator

Hi @n1v0lg, I've created a changelog YAML for you.

@n1v0lg n1v0lg changed the title Audit log metadata for API key updates Include metadata in audit log for API key events Jul 21, 2022
@n1v0lg n1v0lg requested review from ywangd and removed request for ywangd July 21, 2022 10:40
Copy link
Member

@ywangd ywangd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@n1v0lg
Copy link
Contributor Author

n1v0lg commented Jul 22, 2022

@elasticmachine update branch

@n1v0lg n1v0lg merged commit ceb52e4 into elastic:master Jul 22, 2022
@n1v0lg n1v0lg deleted the update-api-keys-metadata-audit-log branch July 22, 2022 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
>enhancement :Security/Audit X-Pack Audit logging Team:Security Meta label for security team v8.4.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants