-
Type: Improvement
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
Labels:None
-
Major Change
-
Security 2021-03-22, Security 2021-04-05, Security 2021-04-19, Security 2021-05-03
- Add ErrorCodes::RuntimeAuditConfigurationNotEnabled
- Raise error if called with auditGlobalParams.runtimeConfiguration === false
- Return without change if generation number is <= current generation.
- Redeclare AuditManager::auditFilter as an AtomicWord<*shared_ptr<MatchExpression>>
- Add AuditManager::configGeneration as an AtomicWord<std::int64_t> (default 0).
- Emit 'auditConfigure' event (Define new aType)
- Instantiate a new MatchExpression for filter, and swap into AuditManager::auditFilter
- Store new values for generation and auditAuthorizationSuccess
- Call setAuditConfiguration(0, {}, false); during audit manager global initialization
- Add { setAuditConfig: ...}
- Guard on ActionType::auditConfigure (resource: cluster), define new ActionType.
- auditGlobalParams.runtimeConfiguration must be true
- On config server (or non-sharded) primary, commit to storage before swapping in config
- depends on
-
SERVER-54971 Add runtime configurable storage for RAC
- Closed
- is depended on by
-
SERVER-54974 Create Periodic Runner for updating RAC across cluster
- Closed