[HDDS-10460] Refine audit logging for bucket property updation operations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Implemented
Affects Version/s: None
Fix Version/s: 1.5.0, 1.4.1
Component/s: OM
Labels:
- pull-request-available

Target Version/s:

1.5.0, 1.4.1

Description

We should refine audit logging for operations modifying bucket properties.

How can this be useful?

Critical for consumers on earlier versions of Ozone who could potentially run into known bugs: ~~HDDS-7449~~ and ~~HDDS-7526~~.
Losing bucket replication properties/bucket encryption properties when one (re)sets quota/bucket replication configurations poses significant risks.
It is difficult for diagnosing the root cause when one runs into such issues just by looking at the audit logs.
Currently, the audit logs do not provide much insight into what properties have been modified while performing bucket config re(set) operations.

As of today, we are only capturing basic information such as volume, bucket, gdprEnabled, isVersionEnabled, storageType and owner properties for any given bucket.

We should also be capturing bucket quota and replication-related properties.

Attachments

Issue Links

relates to

HDDS-10475 Refine audit logging for bucket creation

Resolved

links to

GitHub Pull Request #6329

Activity

People

Assignee:: Tanvi Penumudy

Reporter:: Tanvi Penumudy

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 04/Mar/24 17:07

Updated:: 10/Apr/24 08:14

Resolved:: 06/Mar/24 17:56