add mount accessor to audit request and responses (#15342)

* add mount accessor to audit request and responses * add changelog * cleanup todo
2022-05-12 11:28:00 -06:00 · 2022-05-12 11:28:00 -06:00 · 6f15ac255a
parent 0af0543bbe
commit 6f15ac255a
2 changed files with 24 additions and 16 deletions
--- a/audit/format.go
+++ b/audit/format.go
@ -115,6 +115,7 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config
 			ClientTokenAccessor: req.ClientTokenAccessor,
 			Operation:           req.Operation,
 			MountType:           req.MountType,
+			MountAccessor:       req.MountAccessor,
 			Namespace: &AuditNamespace{
 				ID:   ns.ID,
 				Path: ns.Path,
@ -278,6 +279,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 			ClientTokenAccessor: req.ClientTokenAccessor,
 			Operation:           req.Operation,
 			MountType:           req.MountType,
+			MountAccessor:       req.MountAccessor,
 			Namespace: &AuditNamespace{
 				ID:   ns.ID,
 				Path: ns.Path,
@ -293,14 +295,15 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 		},

 		Response: &AuditResponse{
-			MountType: req.MountType,
-			Auth:      respAuth,
-			Secret:    respSecret,
-			Data:      resp.Data,
-			Warnings:  resp.Warnings,
-			Redirect:  resp.Redirect,
-			WrapInfo:  respWrapInfo,
-			Headers:   resp.Headers,
+			MountType:     req.MountType,
+			MountAccessor: req.MountAccessor,
+			Auth:          respAuth,
+			Secret:        respSecret,
+			Data:          resp.Data,
+			Warnings:      resp.Warnings,
+			Redirect:      resp.Redirect,
+			WrapInfo:      respWrapInfo,
+			Headers:       resp.Headers,
 		},
 	}

@ -343,6 +346,7 @@ type AuditRequest struct {
 	ReplicationCluster            string                 `json:"replication_cluster,omitempty"`
 	Operation                     logical.Operation      `json:"operation,omitempty"`
 	MountType                     string                 `json:"mount_type,omitempty"`
+	MountAccessor                 string                 `json:"mount_accessor,omitempty"`
 	ClientToken                   string                 `json:"client_token,omitempty"`
 	ClientTokenAccessor           string                 `json:"client_token_accessor,omitempty"`
 	Namespace                     *AuditNamespace        `json:"namespace,omitempty"`
@ -357,14 +361,15 @@ type AuditRequest struct {
 }

 type AuditResponse struct {
-	Auth      *AuditAuth             `json:"auth,omitempty"`
-	MountType string                 `json:"mount_type,omitempty"`
-	Secret    *AuditSecret           `json:"secret,omitempty"`
-	Data      map[string]interface{} `json:"data,omitempty"`
-	Warnings  []string               `json:"warnings,omitempty"`
-	Redirect  string                 `json:"redirect,omitempty"`
-	WrapInfo  *AuditResponseWrapInfo `json:"wrap_info,omitempty"`
-	Headers   map[string][]string    `json:"headers,omitempty"`
+	Auth          *AuditAuth             `json:"auth,omitempty"`
+	MountType     string                 `json:"mount_type,omitempty"`
+	MountAccessor string                 `json:"mount_accessor,omitempty"`
+	Secret        *AuditSecret           `json:"secret,omitempty"`
+	Data          map[string]interface{} `json:"data,omitempty"`
+	Warnings      []string               `json:"warnings,omitempty"`
+	Redirect      string                 `json:"redirect,omitempty"`
+	WrapInfo      *AuditResponseWrapInfo `json:"wrap_info,omitempty"`
+	Headers       map[string][]string    `json:"headers,omitempty"`
 }

 type AuditAuth struct {
--- a/changelog/15342.txt
+++ b/changelog/15342.txt
@ -0,0 +1,3 @@
+```release-note:improvement
+audit: Include mount_accessor in audit request and response logs
+```