Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5300

WriteRequestBodies audit profile records routes/status events at RequestResponse level

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • NA

      This bug is a backport clone of [Bugzilla Bug 2073220](https://bugzilla.redhat.com/show_bug.cgi?id=2073220). The following is the description of the original bug:

      Description of problem:

      https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config

      Version-Release number of selected component (if applicable): 4.*

      How reproducible: always

      Steps to Reproduce:
      1. Set audit profile to WriteRequestBodies
      2. Wait for api server rollout to complete
      3. tail -f /var/log/kube-apiserver/audit.log | grep routes/status

      Actual results:

      Write events to routes/status are recorded at the RequestResponse level, which often includes keys and certificates.

      Expected results:

      Events involving routes should always be recorded at the Metadata level, per the documentation at https://docs.openshift.com/container-platform/4.10/security/audit-log-policy-config.html#about-audit-log-profiles_audit-log-policy-config

      Additional info:

            akashem@redhat.com Abu H Kashem
            openshift-crt-jira-prow OpenShift Prow Bot
            Rahul Gangwar Rahul Gangwar
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: