Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update audit level to Metadata for secrets #1153

Merged
merged 1 commit into from
Apr 22, 2020
Merged

update audit level to Metadata for secrets #1153

merged 1 commit into from
Apr 22, 2020

Conversation

Kaizhe
Copy link
Contributor

@Kaizhe Kaizhe commented Apr 17, 2020
edited by leodido
Loading

Signed-off-by: kaizhe [email protected]

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

If contributing rules or changes to rules, please make sure to also uncomment one of the following line:

/kind rule-update

/kind rule-create

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area build

/area engine

/area examples

/area rules

/area integrations

/area tests

/area proposals

What this PR does / why we need it:

Set the audit level to Metadata for object secrets. Or the secret data will be recorded in the audit log.

Which issue(s) this PR fixes:

Fixes #

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

docs(examples): set audit level to metadata for object secrets

@Kaizhe Kaizhe requested a review from mstemm April 17, 2020 18:57
@poiana poiana requested review from krisnova and leodido April 17, 2020 18:57
@poiana poiana added the size/S label Apr 17, 2020
@Kaizhe Kaizhe removed the request for review from krisnova April 20, 2020 20:07
mstemm
mstemm approved these changes Apr 20, 2020
View reviewed changes
Copy link
Contributor

@mstemm mstemm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! And noting the related change to rules at #1151

@poiana
Copy link
Contributor

poiana commented Apr 20, 2020

LGTM label has been added.

Git tree hash: 9b42f8bdf85e46b818bb2407f7d022db55964b32

mstemm added a commit to draios/sysdig-cloud-scripts that referenced this pull request Apr 21, 2020
@mstemm
Update audit level to Metadata for secrets
ce70c84 
Reflecting the changes in
falcosecurity/falco#1153, this changes the
recommended audit policy to log secrets information at Metadata level,
which prevents the contents of secrets from being logged.
@mstemm mstemm mentioned this pull request Apr 21, 2020
Merged
@poiana
Copy link
Contributor

poiana commented Apr 22, 2020

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: leodido, mstemm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit 3f90188 into master Apr 22, 2020
@poiana poiana deleted the kh_update-audit-level branch April 22, 2020 18:57
@leodido leodido added this to the 0.23.0 milestone Apr 22, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mstemm mstemm mstemm approved these changes

@leodido leodido leodido approved these changes

Assignees

@leodido leodido

@mstemm mstemm

Labels
approved dco-signoff: yes kind/documentation lgtm release-note size/S
Projects
None yet
Milestone
0.23.0
Development

Successfully merging this pull request may close these issues.
4 participants
@Kaizhe @poiana @leodido @mstemm