Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3293

WriteRequestBodies audit profile records routes/status events at RequestResponse level

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None

      This bug is a backport clone of [Bugzilla Bug 2073220](https://bugzilla.redhat.com/show_bug.cgi?id=2073220). The following is the description of the original bug:

      Description of problem:

      https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config

      Version-Release number of selected component (if applicable): 4.*

      How reproducible: always

      Steps to Reproduce:
      1. Set audit profile to WriteRequestBodies
      2. Wait for api server rollout to complete
      3. tail -f /var/log/kube-apiserver/audit.log | grep routes/status

      Actual results:

      Write events to routes/status are recorded at the RequestResponse level, which often includes keys and certificates.

      Expected results:

      Events involving routes should always be recorded at the Metadata level, per the documentation at https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config

      Additional info:

              akashem@redhat.com Abu H Kashem
              openshift-crt-jira-prow OpenShift Prow Bot
              Rahul Gangwar Rahul Gangwar
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: