[SERVER-54972] Add interface and command for setting RAC Created: 04/Mar/21  Updated: 29/Oct/23  Resolved: 23/Apr/21

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 5.0.0-rc0

Type: Improvement Priority: Major - P3
Reporter: Sara Golemon Assignee: Sara Golemon
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-54971 Add runtime configurable storage for RAC Closed
is depended on by SERVER-54974 Create Periodic Runner for updating R... Closed
Documented
Backwards Compatibility: Major Change
Sprint: Security 2021-03-22, Security 2021-04-05, Security 2021-04-19, Security 2021-05-03
Participants:

 Description   
  1. Add ErrorCodes::RuntimeAuditConfigurationNotEnabled
  2. Raise error if called with auditGlobalParams.runtimeConfiguration === false
  3. Return without change if generation number is <= current generation.
  4. Redeclare AuditManager::auditFilter as an AtomicWord<*shared_ptr<MatchExpression>>
  5. Add AuditManager::configGeneration as an AtomicWord<std::int64_t> (default 0).
  6. Emit 'auditConfigure' event (Define new aType)
  7. Instantiate a new MatchExpression for filter, and swap into AuditManager::auditFilter
  8. Store new values for generation and auditAuthorizationSuccess
  9. Call setAuditConfiguration(0, {}, false); during audit manager global initialization
  10. Add { setAuditConfig: ...}
    1. Guard on ActionType::auditConfigure (resource: cluster), define new ActionType.
    2. auditGlobalParams.runtimeConfiguration must be true
    3. On config server (or non-sharded) primary, commit to storage before swapping in config


 Comments   
Comment by Githook User [ 23/Apr/21 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-54972 Add ActionTypes, ErrorCodes, and OpObserver hook for Runtime Audit Config
Branch: master
https://github.com/mongodb/mongo/commit/c1bfa707cdfbaeec7c6b05aaac787bfb354665ba

Comment by Githook User [ 23/Apr/21 ]

Author:

{'name': 'Sara Golemon', 'email': 'sara.golemon@mongodb.com', 'username': 'sgolemon'}

Message: SERVER-54972 Add API hooks to update audit config at runtime
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/bdb7c4afad72a56e6b537b10a78a94e0cd935967

Generated at Thu Feb 08 05:35:04 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.