Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a mechanism for tracking patches to the security index to eventually enable rollback/rollforward of adjacent changes #5093

Open
cwperks opened this issue Feb 5, 2025 · 1 comment
Open

Create a mechanism for tracking patches to the security index to eventually enable rollback/rollforward of adjacent changes #5093

cwperks opened this issue Feb 5, 2025 · 1 comment
Labels
enhancement New feature or request triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.

Comments

@cwperks
Copy link
Member

cwperks commented Feb 5, 2025

Is your feature request related to a problem?

Currently, its possible to use the security audit log to track changes to the security index when listening for COMPLIANCE_INTERNAL_CONFIG_WRITE events. Its also possible to combine this with config.compliance.enabled: true, config.compliance.write_log_diffs: true and config.compliance.write_metadata_only: false to only capture the diffs for security index requests.

The problem with this is that its not intuitive to configure and leaves cluster operators filtering the audit log for these types of events to figure out security config changes.

I'm opening this issue to spark a discussion about separating these config changes out to a separate place with the eventual goal of supporting rollback/rollforward in case a cluster operator wants to revert to the last previously known good cluster state.
@cwperks cwperks added enhancement New feature or request untriaged Require the attention of the repository maintainers and may need to be prioritized labels Feb 5, 2025
@cwperks cwperks mentioned this issue Feb 5, 2025
Closed
@cwperks cwperks removed the untriaged Require the attention of the repository maintainers and may need to be prioritized label Feb 10, 2025
@DarshitChanpura DarshitChanpura added the triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. label Feb 17, 2025
@DarshitChanpura
Copy link
Member

@cwperks @nagarajg17 Seems like this is a good change? Any comments.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cwperks @DarshitChanpura