REQUEST: Audit Device(s) track requests to /sys/rekey endpoints #9202

Open
stuartpurgavie opened this issue Jun 11, 2020 · 1 comment

@stuartpurgavie

Is your feature request related to a problem? Please describe.
I recently ran into an issue with the sys/rekey endpoint(s) as discussed in the forums. When I ran into this issue, the first thing I wanted to check was the logs generated from the audit device. Unfortunately, because these endpoints are unauthenticated, there were no responses to inspect.

Describe the solution you'd like
Ideally, when sys/rekey is hit, I would like to be able to see what Vault has done with those requests and what responses it has made, for troubleshooting purposes.

Additional context
This is possibly related to #2244 as generate-root is in a similar place of unauthenticated endpoints not being audited. Arguably, both Re-key and Root Generation should be audited as alerts could be dynamically generated from the audit.

@aphorise

aphorise commented Sep 3, 2022

This is still applicable as of 1.11.x - any chance this will be addressed in a future release, @ncabatoff?
