[MD]Enable data source audit log to file #2215
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
kristenTian
changed the title
zengyan-amazon
requested changes
Aug 29, 2022
kristenTian
force-pushed
the
OSD5
branch
2 times, most recently
from
a3ae14c to
3f04e07
Compare
Comment on lines
134
to
140
| const auditor = auditTrailPromise.then((auditTrail) => auditTrail.asScoped(req)); | ||
|
|
||
| return dataSourceService.getDataSourceClient( | ||
| dataSourceId, | ||
| context.core.savedObjects.client, | ||
| cryptographyClient | ||
| cryptographyClient, | ||
| auditor |
There was a problem hiding this comment.
is auditTrailPromise.then block and guarantee auditor is initialized/created when calling dataSourceService.getDataSourceClient on line 136? Or we will need to use await?
There was a problem hiding this comment.
meanwhile, shall we declare getClient as async ?
There was a problem hiding this comment.
And how about just log it here in this getClient function instead of in dataSourceService ?
There was a problem hiding this comment.
- no, it will not block unless we use await;
- not need to, it already returns promise
- make sense to me so request can be private with current implementation.-- future maybe use observable.
There was a problem hiding this comment.
I also think auditor should be pass down to the configure_client. Because we'll log more than datasourceID, we'll probably log username, query(emitted by client), error, all of those are retrieved from deeper level.
There was a problem hiding this comment.
As u mentioned, this should be separate PR/task. -- As audit query still need further investigation, l'd just keep the current position and iterate in future. subtask: #2228
zhongnansu
reviewed
Aug 30, 2022
|
|
||
| public withAuditScope(name: string) {} | ||
|
|
||
| public add(event: AuditableEvent) { |
There was a problem hiding this comment.
I think we need more than type and message in the log line. For example, username or credential id?
There was a problem hiding this comment.
for now let's leave that. need security plugin's support to fully enable the log for authorization related stuff.
Comment on lines
134
to
140
| const auditor = auditTrailPromise.then((auditTrail) => auditTrail.asScoped(req)); | ||
|
|
||
| return dataSourceService.getDataSourceClient( | ||
| dataSourceId, | ||
| context.core.savedObjects.client, | ||
| cryptographyClient | ||
| cryptographyClient, | ||
| auditor |
There was a problem hiding this comment.
I also think auditor should be pass down to the configure_client. Because we'll log more than datasourceID, we'll probably log username, query(emitted by client), error, all of those are retrieved from deeper level.
|
|
||
| auditor.add({ | ||
| message: auditMessage, | ||
| type: 'opensearch.dataSourceClient.call.internalUser', |
There was a problem hiding this comment.
this doesn't make sense, it's always current user, not internal user. Type here should by dynamic, possible values for example creation, access, change, deletion. reference: https://www.elastic.co/guide/en/kibana/7.11/xpack-security-audit-logging.html#field-event-type
Or come up with some better candidates
There was a problem hiding this comment.
good catch, going to update the string , but limiting the scope for this pr to be some static string for now. --e.g. opensearch.dataSourceClient.fetchClient
| private getAuditMessage(request: OpenSearchDashboardsRequest, dataSourceId: string) { | ||
| const rawRequest = ensureRawRequest(request); | ||
| const remoteAddress = rawRequest?.info?.remoteAddress; | ||
| const xForwardFor = request.headers['x-forwarded-for']; |
There was a problem hiding this comment.
why is remoteAddress and x-forwarded-for needed ?
There was a problem hiding this comment.
to log the requester's info, later will be utilized by security plugin
Signed-off-by: Kristen Tian <tyarong@amazon.com>
zengyan-amazon
approved these changes
Aug 31, 2022
zhongnansu
approved these changes
Aug 31, 2022
kristenTian
added a commit
to kristenTian/OpenSearch-Dashboards
that referenced
this pull request
Sep 12, 2022
Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian
added a commit
to kristenTian/OpenSearch-Dashboards
that referenced
this pull request
Sep 14, 2022
Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian
added a commit
to kristenTian/OpenSearch-Dashboards
that referenced
this pull request
Sep 14, 2022
Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian
added a commit
to kristenTian/OpenSearch-Dashboards
that referenced
this pull request
Sep 15, 2022
Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com>
kristenTian
added a commit
that referenced
this pull request
Sep 19, 2022
* Instantiate credential management plugin code structure (#1996) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Data source inside stack management setup (#2017) (#2030) Signed-off-by: Kristen Tian <tyarong@amazon.com> * enable CI for feature branch (#2010) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add empty data source plugin (#2052) Adds empty data source plugin. Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add initial credential management CRUD pages (#2040) * Add credential management CRUD pages 1. List all credentials 2. Create your saved credential 3. Edit your credential 4. Delete credentials Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Register Data source to savedObject & Update license header (#2037) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Move credential saved object to data source plugin (#2062) Signed-off-by: Louis Chu <clingzhi@amazon.com> Move credential saved object to data source plugin Resolve follow up comments on UI Signed-off-by: Kristen Tian <tyarong@amazon.com> * breadcrumbfix for datasource management (#2066) * breadcrumbfix for datasource management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * breadcrumbfix for datasource management - refactoring code Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * using services to update breadcrumb on data sources management page Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Changing the license header on breadcrumbs.ts datasource management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix breadcrumb on listing page and update saved object mapping (#2069) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add data source step into IndexPattern with Mock switch (#2064) (#2086) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add delete button for credential detailed page (#2067) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Link datasource to indexpattern (#2118) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add encrypt/decrypt module on data source plugin (#2120) Signed-off-by: Louis Chu <clingzhi@amazon.com> 1. Add encrypt/decrypt module with UT 2. Add client factory wrapper for encrypt credential 3. Add encryption config support 4. Bugfix on Jest interpret Buffer Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate index pattern with new data client (#2146) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add noAuth to dataSource attributes (#2154) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - creation & listing - UI only (#2128) * data source management - creation & Listing UI only * data source management - creation & Listing UI only * Create/edit data source feature * toggling default value * refactoring code as per review comments * toggling server flag to false Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Apply dataSource plugin as dependent for cm and dsm plugins (#2150) Signed-off-by: Louis Chu <clingzhi@amazon.com> Apply dataSource plugin as dependent for cm and dsm plugins (#2150) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Leverage datasource enablement in index pattern management Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add client management module and register `getClient()` to route handler context (#2121) * Add client management module and register `getClient()` interface to route handler context Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Make step info in index pattern creation dynamic (#2164) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Refactor for credential listing page & add loading effect (#2142) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integration sequal - replace data client placeholders (#2167) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate with crypto module to decrpt password (#2170) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] noAuth integration, credential & endpoint validation (#2165) * noAuth integration, credential & endpoint validation Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Refactoring validation message Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor search strategy to conditionally user datasource client (#2171) Signed-off-by: Kristen Tian <tyarong@amazon.com> * adding relation between credential selection and no auth checkbox (#2175) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update getIndicesViaSearch with datasource (#2176) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add null header to child client spawn (#2188) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD][IP]Update button position & Add UT & Add skip option (#2195) * Add UT - index pattern related Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update button position Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add skip option to allow use default os data source Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Refactor layout and validate input fields for listing and create pages (#2202) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable datasource link in saveObjectManagement (#2209) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update configure data source per UX input (#2235) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable data source audit log to file (#2215) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor of credential editing page layout & refactor backend field validation method (#2222) * Refactor of credential editing page layout & refactor backend field validation method * Resolved the comments & fix the multiple call for one operation Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Tweak fetch data back to original (#2238) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Revamped UX for data source management (#2239) * revamped UX for data source management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * refactored datasource screens as per PR comments Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Credentials security redesign (#2253) 1. Data model changes for data source saved object 2. Server side changes for data source saved object a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password encryption / decryption. b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient) c. Fix unit tests accordingly Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add step data source UI test (#2264) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Improve datasource server side error handling (#2236) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource management new API change integrations (#2282) * changing datasource management design to integrate with new API changes Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Update edit_data_source_form.tsx moving masked password to constants Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update stream test to bypass CI env generate domain attribute Signed-off-by: Kristen Tian <tyarong@amazon.com> * Delete credential management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - Create data source - Unit tests (#2341) * Unit test cases for data source management - create Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * adding tests to utils.ts & changing it to test Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix update data source & block update endpint (#2364) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * MD datasource management-datasource table-UTs (#2350) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * reafctor based on PR 2334 comments to merge to main (#2375) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * removing invalid urls as CI fails on link checker for inavlid urls in git (#2376) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix DS snapshot test Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add https://test.com/ to lychee exclude Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove unnessacry check Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove not needed check Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Su <szhongna@amazon.com> Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com> Co-authored-by: Zhongnan Su <szhongna@amazon.com> Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com> Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com> Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com>
kavilla
pushed a commit
to kavilla/OpenSearch-Dashboards-1
that referenced
this pull request
Sep 21, 2022
* Instantiate credential management plugin code structure (opensearch-project#1996) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Data source inside stack management setup (opensearch-project#2017) (opensearch-project#2030) Signed-off-by: Kristen Tian <tyarong@amazon.com> * enable CI for feature branch (opensearch-project#2010) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add empty data source plugin (opensearch-project#2052) Adds empty data source plugin. Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add initial credential management CRUD pages (opensearch-project#2040) * Add credential management CRUD pages 1. List all credentials 2. Create your saved credential 3. Edit your credential 4. Delete credentials Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Register Data source to savedObject & Update license header (opensearch-project#2037) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Move credential saved object to data source plugin (opensearch-project#2062) Signed-off-by: Louis Chu <clingzhi@amazon.com> Move credential saved object to data source plugin Resolve follow up comments on UI Signed-off-by: Kristen Tian <tyarong@amazon.com> * breadcrumbfix for datasource management (opensearch-project#2066) * breadcrumbfix for datasource management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * breadcrumbfix for datasource management - refactoring code Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * using services to update breadcrumb on data sources management page Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Changing the license header on breadcrumbs.ts datasource management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix breadcrumb on listing page and update saved object mapping (opensearch-project#2069) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add data source step into IndexPattern with Mock switch (opensearch-project#2064) (opensearch-project#2086) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add delete button for credential detailed page (opensearch-project#2067) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Link datasource to indexpattern (opensearch-project#2118) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add encrypt/decrypt module on data source plugin (opensearch-project#2120) Signed-off-by: Louis Chu <clingzhi@amazon.com> 1. Add encrypt/decrypt module with UT 2. Add client factory wrapper for encrypt credential 3. Add encryption config support 4. Bugfix on Jest interpret Buffer Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate index pattern with new data client (opensearch-project#2146) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add noAuth to dataSource attributes (opensearch-project#2154) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - creation & listing - UI only (opensearch-project#2128) * data source management - creation & Listing UI only * data source management - creation & Listing UI only * Create/edit data source feature * toggling default value * refactoring code as per review comments * toggling server flag to false Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150) Signed-off-by: Louis Chu <clingzhi@amazon.com> Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Leverage datasource enablement in index pattern management Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add client management module and register `getClient()` to route handler context (opensearch-project#2121) * Add client management module and register `getClient()` interface to route handler context Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Make step info in index pattern creation dynamic (opensearch-project#2164) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Refactor for credential listing page & add loading effect (opensearch-project#2142) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integration sequal - replace data client placeholders (opensearch-project#2167) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate with crypto module to decrpt password (opensearch-project#2170) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] noAuth integration, credential & endpoint validation (opensearch-project#2165) * noAuth integration, credential & endpoint validation Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Refactoring validation message Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor search strategy to conditionally user datasource client (opensearch-project#2171) Signed-off-by: Kristen Tian <tyarong@amazon.com> * adding relation between credential selection and no auth checkbox (opensearch-project#2175) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update getIndicesViaSearch with datasource (opensearch-project#2176) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add null header to child client spawn (opensearch-project#2188) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD][IP]Update button position & Add UT & Add skip option (opensearch-project#2195) * Add UT - index pattern related Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update button position Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add skip option to allow use default os data source Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Refactor layout and validate input fields for listing and create pages (opensearch-project#2202) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable datasource link in saveObjectManagement (opensearch-project#2209) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update configure data source per UX input (opensearch-project#2235) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable data source audit log to file (opensearch-project#2215) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor of credential editing page layout & refactor backend field validation method (opensearch-project#2222) * Refactor of credential editing page layout & refactor backend field validation method * Resolved the comments & fix the multiple call for one operation Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Tweak fetch data back to original (opensearch-project#2238) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Revamped UX for data source management (opensearch-project#2239) * revamped UX for data source management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * refactored datasource screens as per PR comments Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Credentials security redesign (opensearch-project#2253) 1. Data model changes for data source saved object 2. Server side changes for data source saved object a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password encryption / decryption. b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient) c. Fix unit tests accordingly Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add step data source UI test (opensearch-project#2264) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Improve datasource server side error handling (opensearch-project#2236) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource management new API change integrations (opensearch-project#2282) * changing datasource management design to integrate with new API changes Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Update edit_data_source_form.tsx moving masked password to constants Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update stream test to bypass CI env generate domain attribute Signed-off-by: Kristen Tian <tyarong@amazon.com> * Delete credential management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - Create data source - Unit tests (opensearch-project#2341) * Unit test cases for data source management - create Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * adding tests to utils.ts & changing it to test Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix update data source & block update endpint (opensearch-project#2364) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * MD datasource management-datasource table-UTs (opensearch-project#2350) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * reafctor based on PR 2334 comments to merge to main (opensearch-project#2375) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * removing invalid urls as CI fails on link checker for inavlid urls in git (opensearch-project#2376) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix DS snapshot test Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add https://test.com/ to lychee exclude Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove unnessacry check Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove not needed check Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Su <szhongna@amazon.com> Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com> Co-authored-by: Zhongnan Su <szhongna@amazon.com> Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com> Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com> Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com>
sipopo
pushed a commit
to sipopo/OpenSearch-Dashboards
that referenced
this pull request
Dec 16, 2022
* Instantiate credential management plugin code structure (opensearch-project#1996) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Data source inside stack management setup (opensearch-project#2017) (opensearch-project#2030) Signed-off-by: Kristen Tian <tyarong@amazon.com> * enable CI for feature branch (opensearch-project#2010) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add empty data source plugin (opensearch-project#2052) Adds empty data source plugin. Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add initial credential management CRUD pages (opensearch-project#2040) * Add credential management CRUD pages 1. List all credentials 2. Create your saved credential 3. Edit your credential 4. Delete credentials Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Register Data source to savedObject & Update license header (opensearch-project#2037) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Move credential saved object to data source plugin (opensearch-project#2062) Signed-off-by: Louis Chu <clingzhi@amazon.com> Move credential saved object to data source plugin Resolve follow up comments on UI Signed-off-by: Kristen Tian <tyarong@amazon.com> * breadcrumbfix for datasource management (opensearch-project#2066) * breadcrumbfix for datasource management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * breadcrumbfix for datasource management - refactoring code Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * using services to update breadcrumb on data sources management page Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Changing the license header on breadcrumbs.ts datasource management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix breadcrumb on listing page and update saved object mapping (opensearch-project#2069) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add data source step into IndexPattern with Mock switch (opensearch-project#2064) (opensearch-project#2086) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add delete button for credential detailed page (opensearch-project#2067) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Link datasource to indexpattern (opensearch-project#2118) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add encrypt/decrypt module on data source plugin (opensearch-project#2120) Signed-off-by: Louis Chu <clingzhi@amazon.com> 1. Add encrypt/decrypt module with UT 2. Add client factory wrapper for encrypt credential 3. Add encryption config support 4. Bugfix on Jest interpret Buffer Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate index pattern with new data client (opensearch-project#2146) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add noAuth to dataSource attributes (opensearch-project#2154) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - creation & listing - UI only (opensearch-project#2128) * data source management - creation & Listing UI only * data source management - creation & Listing UI only * Create/edit data source feature * toggling default value * refactoring code as per review comments * toggling server flag to false Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150) Signed-off-by: Louis Chu <clingzhi@amazon.com> Apply dataSource plugin as dependent for cm and dsm plugins (opensearch-project#2150) Signed-off-by: Kristen Tian <tyarong@amazon.com> * Leverage datasource enablement in index pattern management Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Add client management module and register `getClient()` to route handler context (opensearch-project#2121) * Add client management module and register `getClient()` interface to route handler context Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Make step info in index pattern creation dynamic (opensearch-project#2164) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Refactor for credential listing page & add loading effect (opensearch-project#2142) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integration sequal - replace data client placeholders (opensearch-project#2167) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Integrate with crypto module to decrpt password (opensearch-project#2170) Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] noAuth integration, credential & endpoint validation (opensearch-project#2165) * noAuth integration, credential & endpoint validation Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Refactoring validation message Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Adding back accidentally deleted file home/tutorials/haproxy_metrics/index.ts Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor search strategy to conditionally user datasource client (opensearch-project#2171) Signed-off-by: Kristen Tian <tyarong@amazon.com> * adding relation between credential selection and no auth checkbox (opensearch-project#2175) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update getIndicesViaSearch with datasource (opensearch-project#2176) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add null header to child client spawn (opensearch-project#2188) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD][IP]Update button position & Add UT & Add skip option (opensearch-project#2195) * Add UT - index pattern related Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update button position Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add skip option to allow use default os data source Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Refactor layout and validate input fields for listing and create pages (opensearch-project#2202) Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable datasource link in saveObjectManagement (opensearch-project#2209) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update configure data source per UX input (opensearch-project#2235) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Enable data source audit log to file (opensearch-project#2215) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Refactor of credential editing page layout & refactor backend field validation method (opensearch-project#2222) * Refactor of credential editing page layout & refactor backend field validation method * Resolved the comments & fix the multiple call for one operation Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Tweak fetch data back to original (opensearch-project#2238) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Revamped UX for data source management (opensearch-project#2239) * revamped UX for data source management Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * refactored datasource screens as per PR comments Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Credentials security redesign (opensearch-project#2253) 1. Data model changes for data source saved object 2. Server side changes for data source saved object a. Implement data_source_saved_objects_client_wrapper to integrate with CryptographyClient for password encryption / decryption. b. Change data_source_service to fetch credentials directly from data source (still decrypt via CryptographyClient) c. Fix unit tests accordingly Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add step data source UI test (opensearch-project#2264) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD]Improve datasource server side error handling (opensearch-project#2236) Signed-off-by: Su <szhongna@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource management new API change integrations (opensearch-project#2282) * changing datasource management design to integrate with new API changes Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * Update edit_data_source_form.tsx moving masked password to constants Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Update stream test to bypass CI env generate domain attribute Signed-off-by: Kristen Tian <tyarong@amazon.com> * Delete credential management Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * [MD] Datasource Management - Create data source - Unit tests (opensearch-project#2341) * Unit test cases for data source management - create Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> * adding tests to utils.ts & changing it to test Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix update data source & block update endpint (opensearch-project#2364) Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * MD datasource management-datasource table-UTs (opensearch-project#2350) Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * reafctor based on PR 2334 comments to merge to main (opensearch-project#2375) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * removing invalid urls as CI fails on link checker for inavlid urls in git (opensearch-project#2376) Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Fix DS snapshot test Signed-off-by: Kristen Tian <tyarong@amazon.com> * Add https://test.com/ to lychee exclude Signed-off-by: Kristen Tian <tyarong@amazon.com> * Address comments Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove unnessacry check Signed-off-by: Kristen Tian <tyarong@amazon.com> * Remove not needed check Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Kristen Tian <tyarong@amazon.com> Signed-off-by: Zhongnan Su <szhongna@amazon.com> Signed-off-by: Louis Chu <clingzhi@amazon.com> Signed-off-by: Yibo Wang <yibow@amazon.com> Signed-off-by: mpabba3003 <amazonmanideep@gmail.com> Signed-off-by: Su <szhongna@amazon.com> Co-authored-by: Louis Chu <lingzhichu.clz@gmail.com> Co-authored-by: Zhongnan Su <szhongna@amazon.com> Co-authored-by: Yan Zeng <46499415+zengyan-amazon@users.noreply.github.com> Co-authored-by: Manideep Pabba <109986843+mpabba3003@users.noreply.github.com> Co-authored-by: Yibo Wang <109543558+yibow98@users.noreply.github.com> Signed-off-by: Sergey V. Osipov <sipopo@yandex.ru>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Enable data source audit log to file
/tmp/opensearch-dashboards-data-source-audit.log[2022-08-29T19:46:49.882Z][INFO ][�[35mplugins.dataSource.audit�[39m]{"type":"opensearch.dataSourceClient.call.internalUser"} 127.0.0.1 accessing through 127.0.0.1 on data source: 6d9a33e0-1f3a-11ed-b2d8-a74b67b7c8dcdata_source.audit.eanbled = falseIssues Resolved
#1986
Check List