audit

package
v0.0.0-...-b534984 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 26, 2024 License: Apache-2.0 Imports: 5 Imported by: 4

Documentation

Index

Constants

View Source
const (
	// see pkg/deploy/generator/resources.go#L901
	CloudRoleRP = "rp"

	DefaultLogMessage = "audit event"

	MetadataCreatedTime    = "createdTime"
	MetadataPayload        = "payload"
	MetadataLogKind        = "logKind"
	MetadataAdminOperation = "adminOp"
	MetadataSource         = "source"

	SourceAdminPortal = "aro-admin"
	SourceRP          = "aro-rp"

	EnvKeyAppID               = "envAppID"
	EnvKeyAppVer              = "envAppVer"
	EnvKeyCloudDeploymentUnit = "envCloudDeploymentUnit"
	EnvKeyCloudRole           = "envCloudRole"
	EnvKeyCloudRoleVer        = "envCloudRoleVer"
	EnvKeyCorrelationID       = "envCorrelationID"
	EnvKeyEnvironment         = "envEnvironmentName"
	EnvKeyHostname            = "envHostname"
	EnvKeyIKey                = "envIKey"
	EnvKeyLocation            = "envLocation"

	PayloadKeyCallerIdentities = "payloadCallerIdentities"
	PayloadKeyCategory         = "payloadCategory"
	PayloadKeyNCloud           = "payloadNCloud"
	PayloadKeyOperationName    = "payloadOperationName"
	PayloadKeyResult           = "payloadResult"
	PayloadKeyRequestID        = "payloadRequestID"
	PayloadKeyTargetResources  = "payloadTargetResources"

	IFXAuditCloudVer = 1.0
	IFXAuditName     = "#Ifx.AuditSchema"
	IFXAuditVersion  = 2.1
	IFXAuditLogKind  = "ifxaudit"
)
View Source
const (
	CallerIdentityTypeUPN            = "UPN"
	CallerIdentityTypePUID           = "PUID"
	CallerIdentityTypeObjectID       = "ObjectID"
	CallerIdentityTypeCertificate    = "Certificate"
	CallerIdentityTypeClaim          = "Claim"
	CallerIdentityTypeUsername       = "Username"
	CallerIdentityTypeKeyName        = "KeyName"
	CallerIdentityTypeApplicationID  = "ApplicationID"
	CallerIdentityTypeSubscriptionID = "SubscriptionID"

	CategoryAuthentication        = "Authentication"
	CategoryAuthorization         = "Authorization"
	CategoryUserManagement        = "UserManagement"
	CategoryGroupManagement       = "GroupManagement"
	CategoryRoleManagement        = "RoleManagement"
	CategoryApplicationManagement = "ApplicationManagement"
	CategoryKeyManagement         = "KeyManagement"
	CategoryDirectoryManagement   = "DirectoryManagement"
	CategoryResourceManagement    = "ResourceManagement"
	CategoryPolicyManagement      = "PolicyManagement"
	CategoryDeviceManagement      = "DeviceManagement"
	CategoryEntitlementManagement = "EntitlementManagement"
	CategoryPasswordManagement    = "PasswordManagement"
	CategoryObjectManagement      = "ObjectManagement"
	CategoryIdentityProtection    = "IdentityProtection"
	CategoryOther                 = "Other"

	ResultTypeSuccess     = "Success"
	ResultTypeFail        = "Fail"
	ResultTypeTimeout     = "Timeout"
	ResultTypeClientError = "Client Error"
	ResultTypeUnknown     = "Unknown"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type CallerIdentity

type CallerIdentity struct {
	CallerDisplayName   string `json:"CallerDisplayName,omitempty"`
	CallerIdentityType  string `json:"CallerIdentityType"`
	CallerIdentityValue string `json:"CallerIdentityValue"`
	CallerIPAddress     string `json:"CallerIpAddress,omitempty"`
}

CallerIdentity has identity information on the entity that invoke the operation described in the audit log.

type Payload

type Payload struct {
	// Part-A
	EnvVer                 float64 `json:"env_ver"`
	EnvName                string  `json:"env_name"`
	EnvTime                string  `json:"env_time" deep:"-"`
	EnvEpoch               string  `json:"env_epoch,omitempty" deep:"-"`
	EnvSeqNum              uint64  `json:"env_seqNum,omitempty" deep:"-"`
	EnvIKey                string  `json:"env_iKey,omitempty"`
	EnvFlags               int     `json:"env_flags,omitempty"`
	EnvAppID               string  `json:"env_appId"`
	EnvAppVer              string  `json:"env_appVer,omitempty"`
	EnvCV                  string  `json:"env_cv,omitempty"`
	EnvCloudName           string  `json:"env_cloud_name"`
	EnvCloudRole           string  `json:"env_cloud_role"`
	EnvCloudRoleVer        string  `json:"env_cloud_roleVer,omitempty"`
	EnvCloudRoleInstance   string  `json:"env_cloud_roleInstance"`
	EnvCloudEnvironment    string  `json:"env_cloud_environment,omitempty"`
	EnvCloudLocation       string  `json:"env_cloud_location"`
	EnvCloudDeploymentUnit string  `json:"env_cloud_deploymentUnit,omitempty"`
	EnvCloudVer            float64 `json:"env_cloud_ver"`

	// Part-B
	CallerIdentities []CallerIdentity `json:"CallerIdentities"`
	Category         string           `json:"Category"`
	OperationName    string           `json:"OperationName"`
	Result           Result           `json:"Result"`
	RequestID        string           `json:"requestId" deep:"-"`
	TargetResources  []TargetResource `json:"TargetResources"`
}

Payload is the IFxAudit log payload that will be sent to Geneva. It has all the required and optional fields defined in IFxAudit Part-A and Part-B schema.

Fields that are marked as optional or "required when applicable" in the schema are marked with the omitempty tag. Fields that are marked as "unused" are not included.

type PayloadHook

type PayloadHook struct {
	Payload *Payload
}

PayloadHook, when fires, hydrates an IFxAudit log payload using data in a log entry.

func (*PayloadHook) Fire

func (h *PayloadHook) Fire(entry *logrus.Entry) error

func (PayloadHook) Levels

func (PayloadHook) Levels() []logrus.Level

type Result

type Result struct {
	ResultType        string `json:"ResultType"`
	ResultDescription string `json:"ResultDescription,omitempty"`
}

Result provides information on the result of the operation.

type TargetResource

type TargetResource struct {
	TargetResourceType string `json:"TargetResourceType"`
	TargetResourceName string `json:"TargetResourceName"`
}

TargetResource has identity information on the entity affected by the operation described in the audit log.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL