Uploaded image for project: 'Project Quay'
  1. Project Quay
  2. PROJQUAY-4718

Quay 3.8.0 create and delete proxy cache under normal user's organization by superuser can't be audited when enable superuser full access

XMLWordPrintable

    • False
    • None
    • False

      Description:

      This is an issue of Quay 3.8.0 new feature "superuser full access", when enabled flag "FEATURE_SUPERUSERS_FULL_ACCESS: true", superuser can create and delete the proxy cache under normal user's organization, as the requirement is "any superuser action on tenant content can be audited", but this operation can't be audited under the logs of normal user's usage logs, pls review this issue.

      Quay Image:  quay-operator-bundle-container-v3.8.0-114

      Create/Delete proxy cache by superuser can't be audited:

      The usage logs of normal user's organization:

        1. image-2022-11-08-15-58-31-466.png
          183 kB
          luffy zhang
        2. image-2022-11-08-15-58-55-125.png
          169 kB
          luffy zhang
        3. image-2022-11-08-16-01-22-296.png
          416 kB
          luffy zhang
        4. image-2022-11-09-14-42-35-563.png
          255 kB
          luffy zhang
        5. image-2022-11-09-14-43-04-961.png
          177 kB
          luffy zhang
        6. image-2022-11-09-14-43-22-632.png
          162 kB
          luffy zhang
        7. image-2022-11-09-14-43-56-679.png
          257 kB
          luffy zhang
        8. image-2022-11-23-11-18-47-250.png
          189 kB
          luffy zhang

              sleesinc Kenny Lee Sin Cheong
              lzha1981 luffy zhang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: