Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Normal
Fix Version/s: CNV v4.17.0
Affects Version/s: None
Component/s: CNV Install, Upgrade and Operators
Labels:
- cnv-observability
- fabiand-testrun-set-fixversion

Story Points:
5
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
CNV-36950
[QE] How to address?:
---
[QE] Why QE missed?:
---
Market:

Sprint:
CNV I/U Operators Sprint 258

Regression:
No

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

This effort is related to https://docs.google.com/document/d/1hhogXnGPG_hHanB10TJBZof6eNlbDQOsJpiP_9CZfZU/edit?usp=sharing, OBSDA-541.

1. We should check:

Write a Policy which enforces a high Audit-Level on the Cluster: https://docs.openshift.com/container-platform/4.14/security/audit-log-policy-config.html
Configure AuditLogging is part of our openshift-best-practices PolicySet: https://github.com/open-cluster-management-io/policy-collection/blob/main/policygenerator/policy-sets/community/ocp-best-practices/input-audit/policy-config-audit.yaml
OpenShift Service Log (which doubles up as a kind of Event Store as well) has a simple API where changes could be pushed by other sources.
A changelog service: https://changelog.stage.devshift.net/services/host-inventory where for example changes are being pushed from Terraform

2. Identify what actions need to be monitored

—

Design document: https://docs.google.com/document/d/1aN_TunfOp6gXhpQU4YAnukfGvtwE3bFbNEQcjKnHvUE/edit?usp=sharing

is related to

CNV-50349 [spike] Audit log virtctl requests that allow interaction with VMIs

New

Assignee:: João Vilaça

Reporter:: Shirly Radco

QA Contact:: Debarati Basu-Nag

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/03/06 11:06 AM

Updated:: 2024/11/13 2:41 PM

Resolved:: 2024/09/02 9:05 AM