Add audit logs for auto update resources (#48218)

gravitational · Nov 7, 2024 · 4cdee4a · 4cdee4a
1 parent e8dd714
commit 4cdee4a
Show file tree

Hide file tree

Showing 12 changed files with 1,783 additions and 1,075 deletions.
diff --git a/api/proto/teleport/legacy/types/events/events.proto b/api/proto/teleport/legacy/types/events/events.proto
@@ -6977,6 +6977,13 @@ message AutoUpdateConfigCreate {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // Status indicates whether the creation was successful.
+  Status Status = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // AutoUpdateConfigUpdate is emitted when an auto update config is updated.
@@ -7008,6 +7015,13 @@ message AutoUpdateConfigUpdate {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // ResourceMetadata is a common resource event metadata
+  ResourceMetadata Resource = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // AutoUpdateConfigDelete is emitted when an auto update config is deleted.
@@ -7039,6 +7053,13 @@ message AutoUpdateConfigDelete {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // Status indicates whether the deletion was successful.
+  Status Status = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // AutoUpdateVersionCreate is emitted when an auto update version is created.
@@ -7070,6 +7091,13 @@ message AutoUpdateVersionCreate {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // Status indicates whether the creation was successful.
+  Status Status = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // AutoUpdateVersionUpdate is emitted when an auto update version is updated.
@@ -7101,6 +7129,13 @@ message AutoUpdateVersionUpdate {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // ResourceMetadata is a common resource event metadata
+  ResourceMetadata Resource = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // AutoUpdateVersionDelete is emitted when an auto update version is deleted.
@@ -7132,6 +7167,13 @@ message AutoUpdateVersionDelete {
     (gogoproto.embed) = true,
     (gogoproto.jsontag) = ""
   ];
+
+  // Status indicates whether the deletion was successful.
+  Status Status = 5 [
+    (gogoproto.nullable) = false,
+    (gogoproto.embed) = true,
+    (gogoproto.jsontag) = ""
+  ];
 }
 
 // StaticHostUserCreate is emitted when a static host user is created.

diff --git a/api/types/events/events.go b/api/types/events/events.go
@@ -2328,3 +2328,27 @@ func (m *SFTPSummary) TrimToMaxSize(maxSize int) AuditEvent {
 
 	return out
 }
+
+func (m *AutoUpdateConfigCreate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *AutoUpdateConfigUpdate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *AutoUpdateConfigDelete) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *AutoUpdateVersionCreate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *AutoUpdateVersionUpdate) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
+
+func (m *AutoUpdateVersionDelete) TrimToMaxSize(_ int) AuditEvent {
+	return m
+}
diff --git a/api/types/events/events.pb.go b/api/types/events/events.pb.go
diff --git a/api/types/events/oneof.go b/api/types/events/oneof.go
@@ -765,6 +765,31 @@ func ToOneOf(in AuditEvent) (*OneOf, error) {
 		out.Event = &OneOf_SFTPSummary{
 			SFTPSummary: e,
 		}
+	case *AutoUpdateConfigCreate:
+		out.Event = &OneOf_AutoUpdateConfigCreate{
+			AutoUpdateConfigCreate: e,
+		}
+	case *AutoUpdateConfigUpdate:
+		out.Event = &OneOf_AutoUpdateConfigUpdate{
+			AutoUpdateConfigUpdate: e,
+		}
+	case *AutoUpdateConfigDelete:
+		out.Event = &OneOf_AutoUpdateConfigDelete{
+			AutoUpdateConfigDelete: e,
+		}
+
+	case *AutoUpdateVersionCreate:
+		out.Event = &OneOf_AutoUpdateVersionCreate{
+			AutoUpdateVersionCreate: e,
+		}
+	case *AutoUpdateVersionUpdate:
+		out.Event = &OneOf_AutoUpdateVersionUpdate{
+			AutoUpdateVersionUpdate: e,
+		}
+	case *AutoUpdateVersionDelete:
+		out.Event = &OneOf_AutoUpdateVersionDelete{
+			AutoUpdateVersionDelete: e,
+		}
 	default:
 		slog.ErrorContext(context.Background(), "Attempted to convert dynamic event of unknown type into protobuf event.", "event_type", in.GetType())
 		unknown := &Unknown{}

diff --git a/integrations/event-handler/go.sum b/integrations/event-handler/go.sum
@@ -1131,7 +1131,10 @@ github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLe
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
 github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af h1:kmjWCqn2qkEml422C2Rrd27c3VGxi6a/6HNq8QmHRKM=
 github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo=
+github.com/google/renameio v0.1.0 h1:GOZbcHa3HfsPKPlmyPyN2KEohoMXOhdMbHrvbpl2QaA=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg=
+github.com/google/renameio/v2 v2.0.0/go.mod h1:BtmJXm5YlszgC+TD4HOEEUFgkJP3nLxehU6hfe7jRt4=
 github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
 github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
 github.com/google/safetext v0.0.0-20240104143208-7a7d9b3d812f h1:o2yGZLlsOj5H5uvtQNEdi6DeA0GbUP3lm0gWW5RvY0s=