[SERVER-53604] Include original aws iam arn in authenticate audit logs Created: 06/Jan/21 Updated: 29/Oct/23 Resolved: 05/Mar/21 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 4.9.0, 4.4.6 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Mark Benvenuto | Assignee: | Benjamin Caimano (Inactive) |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||||||||||
| Sprint: | Security 2021-02-22, Security 2021-03-08 | ||||||||||||||||||||
| Participants: | |||||||||||||||||||||
| Case: | (copied to CRM) | ||||||||||||||||||||
| Linked BF Score: | 46 | ||||||||||||||||||||
| Description |
|
In order to support assume-role, the the last part of the ARN is trimmed. The original ARN should be logged as an additional field of the audit message so users can identify which user logged in.
|
| Comments |
| Comment by Githook User [ 07/Apr/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com', 'username': 'bcaimano'}Message: |
| Comment by Githook User [ 07/Apr/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com', 'username': 'bcaimano'}Message: |
| Comment by Githook User [ 09/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |
| Comment by Githook User [ 05/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |
| Comment by Githook User [ 05/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |
| Comment by Githook User [ 05/Mar/21 ] |
|
Author: {'name': 'Ben Caimano', 'email': 'ben.caimano@10gen.com'}Message: |