Skip to content
This repository has been archived by the owner on Mar 2, 2022. It is now read-only.

Add audit log support #138

Open
craigtracey opened this issue Apr 23, 2019 · 2 comments · May be fixed by #163
Open

Add audit log support #138

craigtracey opened this issue Apr 23, 2019 · 2 comments · May be fixed by #163
Assignees
@alexbrand
Labels
good first issue help wanted

Comments

@craigtracey
Copy link
Contributor

Wardroom should support enabling api-server audit log functionality. This change should template-ize the audit log configuration and add the necessary volume mounts into the api-server container by way of the kubernetes_common_kubeadm_config.
@craigtracey
Copy link
Contributor Author

cc: @erictcgs

@alexbrand alexbrand self-assigned this Apr 29, 2019
@alexbrand
Copy link
Contributor

From a UX perspective, should a single flag control this behavior (e.g. kubernetes_master_audit_enabled: True|False), or is the user responsible for setting the right flags and volume mounts via kubernetes_common_kubeadm_config?

alexbrand added a commit to alexbrand/wardroom that referenced this issue May 1, 2019
@alexbrand
Add audit logging support with a default logging policy
ab96a67 
Enable Kubernetes API audit logging with a default logging policy. When
desired, users can provide their custom audit policy rules using an
ansible variable.

Fixes vmware-archive#138

Signed-off-by: Alexander Brand <alexbrand09@gmail.com>
@alexbrand alexbrand linked a pull request May 1, 2019 that will close this issue
Open
alexbrand added a commit to alexbrand/wardroom that referenced this issue May 1, 2019
@alexbrand
Add audit logging support with a default logging policy
2b303fe 
Enable Kubernetes API audit logging with a default logging policy. When
desired, users can provide their custom audit policy rules using an
ansible variable.

Fixes vmware-archive#138

Signed-off-by: Alexander Brand <alexbrand09@gmail.com>
alexbrand added a commit to alexbrand/wardroom that referenced this issue May 1, 2019
@alexbrand
Add audit logging support with a default logging policy
88e9d09 
Enable Kubernetes API audit logging with a default logging policy. When
desired, users can provide their custom audit policy rules using an
ansible variable.

Fixes vmware-archive#138

Signed-off-by: Alexander Brand <alexbrand09@gmail.com>
alexbrand added a commit to alexbrand/wardroom that referenced this issue May 1, 2019
@alexbrand
Add audit logging support with a default logging policy
73dc6f7 
Enable Kubernetes API audit logging with a default logging policy. When
desired, users can provide their custom audit policy rules using an
ansible variable.

Fixes vmware-archive#138

Signed-off-by: Alexander Brand <alexbrand09@gmail.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@alexbrand alexbrand

Labels
good first issue help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add audit logging support with a default logging policy alexbrand/wardroom
2 participants
@alexbrand @craigtracey