Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(elasticsearch): support audit logs #12106

Merged
merged 6 commits into from
Dec 16, 2020
Merged

feat(elasticsearch): support audit logs #12106

merged 6 commits into from
Dec 16, 2020

Conversation

Ruben-E
Copy link
Contributor

@Ruben-E Ruben-E commented Dec 16, 2020

Implemented support for audit logs like other logs (application, slow search and slow index) are implemented.
Audit logs can only be enabled when fine grained access control is enabled and ES version >= 6.7 see here.

The check for fine grained access control enabled is implemented. Version check is implicitly implemented since fine grained access control cannot be enabled < 6.7.

Closes #12105

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@Ruben-E
feat(elasticsearch): added support for audit logs
d284a05 
Implemented support for audit logs like other logs (application, slow search and slow index) are implemented.
Audit logs can only be enabled when fine grained access control is enabled. Added a check for that. Als updated the docs.

closes aws#12105
@Ruben-E
feat(elasticsearch): improved docs for auditLogEnabled toggle
e9c8397 
Added documentation that audit logs can only be enabled then fine grained access control is also enabled
@gitpod-io
Copy link

gitpod-io bot commented Dec 16, 2020
edited
Loading

@github-actions github-actions bot added the @aws-cdk/aws-elasticsearch Related to Amazon Elasticsearch Service label Dec 16, 2020
iliapolo
iliapolo approved these changes Dec 16, 2020
View reviewed changes
Copy link
Contributor

@iliapolo iliapolo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Ruben-E This is awesome, thanks!

@mergify
Copy link
Contributor

mergify bot commented Dec 16, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit d10ea63 into aws:master Dec 16, 2020
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: 9044b7f
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

flochaz pushed a commit to flochaz/aws-cdk that referenced this pull request Jan 5, 2021
@Ruben-E @flochaz
feat(elasticsearch): support audit logs (aws#12106)
c9d8382 
Implemented support for audit logs like other logs (application, slow search and slow index) are implemented.
Audit logs can only be enabled when fine grained access control is enabled and ES version >= 6.7 [see here](https://aws.amazon.com/about-aws/whats-new/2020/09/elasticsearch-audit-logs-now-available-on-amazon-elasticsearch-service/).

The check for fine grained access control enabled is implemented. Version check is implicitly implemented since fine grained access control cannot be enabled < 6.7.

Closes aws#12105

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iliapolo iliapolo iliapolo approved these changes

Assignees

@iliapolo iliapolo

Labels
@aws-cdk/aws-elasticsearch Related to Amazon Elasticsearch Service
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(elasticsearch): add support for audit logs
3 participants
@Ruben-E @aws-cdk-automation @iliapolo