Add a fallback for EmitAuditEvents failure due to event conflicts (DynamoDB backend) #40854
func TestEmitSessionEventsSameIndex(t *testing.T) { | ||
ctx := context.Background() | ||
tt := setupDynamoContext(t) | ||
sessionID := session.NewID() | ||
|
||
require.NoError(t, tt.log.EmitAuditEvent(ctx, generateEvent(sessionID, 0))) | ||
require.NoError(t, tt.log.EmitAuditEvent(ctx, generateEvent(sessionID, 1))) | ||
require.Error(t, tt.log.EmitAuditEvent(ctx, generateEvent(sessionID, 1))) | ||
require.NoError(t, tt.log.EmitAuditEvent(ctx, generateEvent(sessionID, 1))) |
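Review bot: the final require.NoError on the repeated generateEvent(sessionID, 1) in TestEmitSessionEventsSameIndex only checks the return value, so the test passes whether the duplicate was stored under a new index or replaced the event already written at index 1. After the last emit, read the session's events back and assert that the event first written at index 1 is unchanged and that the duplicate is present as a separate item. That pins the "first write wins" property in the test itself.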
Hmm, do we want the audit log to be able to be overwritten?
I feel like the original behavior of "first write wins" is more correct for an audit log.
Should we instead just not treat already exists as an error?
> Hmm, do we want the audit log to be able to be overwritten?

This will only happen if the `disable_conflict_check` is provided. Otherwise, the event will always need a unique session_id/event_index pair. The fallback logic only sets the event index to a different value and tries to put the item again. If there is still a conflict (very unlikely to happen since we're using unix nano and this is attached to the session), the event emission will still fail.
If it makes it clearer, we can add another test that causes the fallback to also fail. In this case, the `EmitAuditEvent` will return an error.
Seems reasonable to me.
@gabrielcorado See the table below for backport results.
Closes #40126.
Adds a fallback for when the put item fails due to the condition exception (duplicate events).
In addition, we're adding a new option to disable condition checking, which can be configured through the DynamoDB URL. This option can be used to restore the old behavior.
NOTE: This is being solved on the DynamoDB events "layer" because multiple parts of Teleport are subject to this failure (not only the one described in the issue).
changelog: Fix audit event failures when using DynamoDB event storage.
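
The fallback discussed in this thread, as an added example that is not Teleport's code: an in-memory map stands in for the DynamoDB conditional put, and `Store`, `Emit`, `ErrConflict`, `Now` and `DisableConflictCheck` are hypothetical names. It shows that a duplicate session/index pair is re-stored under a time-based index without touching the first write, that a second collision still fails, and that only the disabled check allows an overwrite.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

var ErrConflict = errors.New("event already exists") // stands in for the conditional check failure

type key struct{ session string; index int64 }
// Store is a constructed in-memory stand-in for the events table.
type Store struct {
	items                map[key]string
	DisableConflictCheck bool         // models the disable_conflict_check option
	Now                  func() int64 // clock used for the fallback index
}

func NewStore() *Store {
	return &Store{items: map[key]string{}, Now: func() int64 { return time.Now().UnixNano() }}
}

// put writes only if the session/index pair is unused, unless checks are disabled.
func (s *Store) put(k key, payload string) error {
	if _, exists := s.items[k]; exists && !s.DisableConflictCheck {
		return ErrConflict
	}
	s.items[k] = payload
	return nil
}

// Emit stores an event and returns the index it was stored under.
func (s *Store) Emit(session string, index int64, payload string) (int64, error) {
	err := s.put(key{session, index}, payload)
	if !errors.Is(err, ErrConflict) {
		return index, err
	}
	fallback := s.Now() // first write stays; retry once under a time-based index
	if err := s.put(key{session, fallback}, payload); err != nil {
		return 0, fmt.Errorf("fallback index %d: %w", fallback, err)
	}
	return fallback, nil
}

func main() {
	s := NewStore()
	_, _ = s.Emit("sess", 1, "first")
	fmt.Println(s.Emit("sess", 1, "second")) // same index again: stored under the fallback index
}
```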