Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add audit logging to space deletion #123378

Merged
merged 13 commits into from
Jan 25, 2022
Merged

Add audit logging to space deletion #123378

merged 13 commits into from
Jan 25, 2022

Conversation

thomheymann
Copy link
Contributor

@thomheymann thomheymann commented Jan 19, 2022
edited
Loading

Resolves #107589

Summary

Add audit events for deleted saved objects

Before

  • "User is deleting space [id=test]"

After

  • "User is deleting visualization [id=bcb63b50-4c89-11e8-b3d7-01146121b73d]"
  • "User is deleting visualization [id=9886b410-4c8b-11e8-b3d7-01146121b73d]"
  • "User is deleting visualization [id=293b5a30-4c8f-11e8-b3d7-01146121b73d]"
  • "User is deleting visualization [id=ed78a660-53a0-11e8-acbd-0be0ad9d822b]"
  • "User is deleting visualization [id=334084f0-52fd-11e8-a160-89cc2ad9e8e2]"
  • "User is deleting space [id=test]"

@thomheymann thomheymann added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! Feature:Security/Audit Platform Security - Audit Logging feature auto-backport Deprecated - use backport:version if exact versions are needed v8.1.0 v8.0.1 labels Jan 19, 2022
@thomheymann thomheymann requested a review from a team January 19, 2022 15:58
thomheymann
thomheymann commented Jan 19, 2022
View reviewed changes
Copy link
Contributor Author

@thomheymann thomheymann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Self review

x-pack/plugins/spaces/server/spaces_client/spaces_client.mock.ts Outdated Show resolved Hide resolved
x-pack/plugins/spaces/server/spaces_client/spaces_client.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/audit/audit_events.ts Show resolved Hide resolved
jportner
jportner reviewed Jan 20, 2022
View reviewed changes
Copy link
Contributor

@jportner jportner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Finished a first pass, tag me again when CI is green and you're ready for another round!

x-pack/plugins/security/server/spaces/secure_spaces_client_wrapper.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/spaces/secure_spaces_client_wrapper.ts Outdated Show resolved Hide resolved
@thomheymann thomheymann marked this pull request as ready for review January 20, 2022 16:03
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@thomheymann thomheymann requested a review from jportner January 20, 2022 16:03
@thomheymann thomheymann enabled auto-merge (squash) January 20, 2022 19:14
jportner
jportner reviewed Jan 24, 2022
View reviewed changes
Copy link
Contributor

@jportner jportner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed a couple more things, shouldn't take long to address!

x-pack/plugins/spaces/server/spaces_client/spaces_client.test.ts Outdated Show resolved Hide resolved
x-pack/plugins/security/server/spaces/secure_spaces_client_wrapper.ts Outdated Show resolved Hide resolved
@thomheymann thomheymann requested a review from jportner January 25, 2022 10:07
@kibana-ci
Copy link
Collaborator

💚 Build Succeeded

Metrics [docs]

Unknown metric groups

API count

id before after diff
security 181 182 +1
spaces 248 250 +2
total +3

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

jportner
jportner approved these changes Jan 25, 2022
View reviewed changes
Copy link
Contributor

@jportner jportner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@thomheymann thomheymann merged commit 5819cfb into elastic:main Jan 25, 2022
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jan 25, 2022
@thomheymann @kibanamachine
Add audit logging to space deletion (elastic#123378)
fdc0ed8 
* Add audit logging to space deletion

* Fix outcome

* Delete all non-global saved objects

* Added suggestions from code review

* Fix tests

(cherry picked from commit 5819cfb)
@kibanamachine kibanamachine mentioned this pull request Jan 25, 2022
Closed
@kibanamachine
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.0

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

@jportner
Copy link
Contributor

Looks like this PR is causing TSC errors in CI because 0491214 was merged in shortly beforehand.

https://buildkite.com/elastic/kibana-hourly/builds/8512#de3c1516-38a1-4a97-9df1-018716509b4b

info Building TypeScript projects refs for tsconfig.refs.json...
--
  | info [tsc] > node_modules/typescript/bin/tsc -b tsconfig.refs.json --pretty
  | proc [tsc] x-pack/plugins/security/server/authentication/authenticator.test.ts:1842:50 - error TS2345: Argument of type '{ log: jest.Mock<any, any>; }' is not assignable to parameter of type 'AuditLogger'.
  | proc [tsc]   Property 'enabled' is missing in type '{ log: jest.Mock<any, any>; }' but required in type 'AuditLogger'.
  | proc [tsc]
  | proc [tsc] 1842       mockOptions.audit.asScoped.mockReturnValue(auditLogger);
  | proc [tsc]                                                       ~~~~~~~~~~~
  | proc [tsc]
  | proc [tsc]   x-pack/plugins/security/server/audit/audit_service.ts:59:12
  | proc [tsc]     59   readonly enabled: boolean;
  | proc [tsc]                   ~~~~~~~
  | proc [tsc]     'enabled' is declared here.
  | proc [tsc]
  | proc [tsc]
  | proc [tsc] Found 1 error.
  | proc [tsc]

tylersmalley pushed a commit that referenced this pull request Jan 25, 2022
Revert "Add audit logging to space deletion (#123378)"
cd06e5f 
This reverts commit 5819cfb.
@tylersmalley
Copy link
Contributor

tylersmalley commented Jan 25, 2022
edited
Loading

Here is the revert: cd06e5f

@jportner jportner removed the v8.0.1 label Jan 26, 2022
@thomheymann thomheymann mentioned this pull request Jan 31, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jportner jportner jportner approved these changes

Assignees
No one assigned
Labels
auto-backport Deprecated - use backport:version if exact versions are needed Feature:Security/Audit Platform Security - Audit Logging feature release_note:enhancement reverted Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.1.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve space deletion auditing
6 participants
@thomheymann @elasticmachine @kibana-ci @kibanamachine @jportner @tylersmalley