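--- a/web/packages/teleport/src/Audit/fixtures/index.ts
+++ b/web/packages/teleport/src/Audit/fixtures/index.ts
@@ -3327,61 +3327,70 @@ export const events = [
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL001E',
 event: 'access_list.create',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL002I',
 event: 'access_list.update',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL002E',
 event: 'access_list.update',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL003I',
 event: 'access_list.delete',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL003E',
 event: 'access_list.delete',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL004I',
 event: 'access_list.review',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL004E',
 event: 'access_list.review',
 time: '2023-05-08T19:21:36.144Z',
 name: 'access-list',
 updated_by: 'mike',
+access_list_title: 'example_title',
 },
 {
 code: 'TAL005I',
 event: 'access_list.member.add',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'user',
@@ -3394,6 +3403,7 @@ export const events = [
 event: 'access_list.member.add',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'user',
@@ -3406,6 +3416,7 @@ export const events = [
 event: 'access_list.member.update',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'user',
@@ -3418,6 +3429,7 @@ export const events = [
 event: 'access_list.member.update',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'user',
@@ -3430,6 +3442,7 @@ export const events = [
 event: 'access_list.member.delete',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'user',
@@ -3442,6 +3455,7 @@ export const events = [
 event: 'access_list.member.delete',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 members: [
 {
 member_name: 'carrot',
@@ -3460,13 +3474,15 @@ export const events = [
 event: 'access_list.member.delete_all_members',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 updated_by: 'mike',
 },
 {
 code: 'TAL008E',
 event: 'access_list.member.delete_all_members',
 time: '2023-05-08T19:21:36.144Z',
 access_list_name: 'access-list',
+access_list_title: 'example_title',
 updated_by: 'mike',
 },
 {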
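Review bot: All sixteen access-list fixtures in this file now carry `access_list_title`, so none of them exercises the `access_list_title || name` (or `|| access_list_name`) fallback the formatters use for events that have no title. If these fixtures feed the audit stories or snapshot tests (not visible here), leaving the title off at least one event of each shape, for example `TAL001E` and `TAL008E`, would keep the rendering of older, title-less events covered.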
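--- a/web/packages/teleport/src/services/audit/makeEvent.ts
+++ b/web/packages/teleport/src/services/audit/makeEvent.ts
@@ -1642,116 +1642,130 @@ export const formatters: Formatters = {
 [eventCodes.ACCESS_LIST_CREATE]: {
 type: 'access_list.create',
 desc: 'Access list created',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] created access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] created access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_CREATE_FAILURE]: {
 type: 'access_list.create',
 desc: 'Access list create failed',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] failed to create access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] failed to create access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_UPDATE]: {
 type: 'access_list.update',
 desc: 'Access list updated',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] updated access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] updated access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_UPDATE_FAILURE]: {
 type: 'access_list.update',
 desc: 'Access list update failed',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] failed to update access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] failed to update access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_DELETE]: {
 type: 'access_list.delete',
 desc: 'Access list deleted',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] deleted access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] deleted access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_DELETE_FAILURE]: {
 type: 'access_list.delete',
 desc: 'Access list delete failed',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] failed to delete access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] failed to delete access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_REVIEW]: {
 type: 'access_list.review',
 desc: 'Access list reviewed',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] reviewed access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] reviewed access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_REVIEW_FAILURE]: {
 type: 'access_list.review',
 desc: 'Access list review failed',
-format: ({ name, updated_by }) =>
-`User [${updated_by}] failed to to review access list [${name}]`,
+format: ({ access_list_title, name, updated_by }) => {
+return `User [${updated_by}] failed to to review access list [${access_list_title || name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_CREATE]: {
 type: 'access_list.member.create',
 desc: 'Access list member added',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] added ${formatMembers(
-members
-)} to access list [${access_list_name}]`,
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] added ${formatMembers(members)} to access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_CREATE_FAILURE]: {
 type: 'access_list.member.create',
 desc: 'Access list member addition failure',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] failed to add ${formatMembers(
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] failed to add ${formatMembers(
 members
-)} to access list [${access_list_name}]`,
+)} to access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_UPDATE]: {
 type: 'access_list.member.update',
 desc: 'Access list member updated',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] updated ${formatMembers(
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] updated ${formatMembers(
 members
-)} in access list [${access_list_name}]`,
+)} in access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_UPDATE_FAILURE]: {
 type: 'access_list.member.update',
 desc: 'Access list member update failure',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] failed to update ${formatMembers(
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] failed to update ${formatMembers(
 members
-)} in access list [${access_list_name}]`,
+)} in access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_DELETE]: {
 type: 'access_list.member.delete',
 desc: 'Access list member removed',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] removed ${formatMembers(
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] removed ${formatMembers(
 members
-)} from access list [${access_list_name}]`,
+)} from access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_DELETE_FAILURE]: {
 type: 'access_list.member.delete',
 desc: 'Access list member removal failure',
-format: ({ access_list_name, members, updated_by }) =>
-`User [${updated_by}] failed to remove ${formatMembers(
+format: ({ access_list_title, members, access_list_name, updated_by }) => {
+return `User [${updated_by}] failed to remove ${formatMembers(
 members
-)} from access list [${access_list_name}]`,
+)} from access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST]: {
 type: 'access_list.member.delete_all_members',
 desc: 'All members removed from access list',
-format: ({ access_list_name, updated_by }) =>
-`User [${updated_by}] removed all members from access list [${access_list_name}]`,
+format: ({ access_list_title, access_list_name, updated_by }) => {
+return `User [${updated_by}] removed all members from access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST_FAILURE]: {
 type: 'access_list.member.delete_all_members',
 desc: 'Access list member delete all members failure',
-format: ({ access_list_name, updated_by }) =>
-`User [${updated_by}] failed to remove all members from access list [${access_list_name}]`,
+format: ({ access_list_title, access_list_name, updated_by }) => {
+return `User [${updated_by}] failed to remove all members from access list [${access_list_title || access_list_name}]`;
+},
 },
 [eventCodes.USER_LOGIN_INVALID_ACCESS_LIST]: {
 type: 'user_login.invalid_access_list',
 desc: 'Access list skipped.',
-format: ({ access_list_name, user, missing_roles }) =>
-`Access list [${access_list_name}] is invalid and was skipped for member [${user}] because it references non-existent role${missing_roles.length > 1 ? 's' : ''} [${missing_roles}]`,
+format: ({ access_list_title, access_list_name, user, missing_roles }) =>
+`Access list [${access_list_title || access_list_name}] is invalid and was skipped for member [${user}] because it references non-existent role${missing_roles.length > 1 ? 's' : ''} [${missing_roles}]`,
 },
 [eventCodes.SECURITY_REPORT_AUDIT_QUERY_RUN]: {
 type: 'secreports.audit.query.run"',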
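Review bot: Whenever `access_list_title` is set, all seventeen formatters in this hunk now print only the title, so the audit message drops the list's `name` / `access_list_name` that the removed lines used to show. A title is a display string; if titles are not unique or can be edited later (neither is visible in this diff), two different lists can produce identical audit lines and a reader cannot tell from the message which list was changed. Consider printing both when a title exists, e.g. `access list [${access_list_title}] (${name})`, falling back to `[${name}]` otherwise, through one shared helper instead of repeating the `||` expression in every entry. The new `ACCESS_LIST_REVIEW_FAILURE` line also carries over the typo `failed to to review`.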
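--- a/web/packages/teleport/src/services/audit/types.ts
+++ b/web/packages/teleport/src/services/audit/types.ts
@@ -1508,55 +1508,63 @@ export type RawEvents = {
 typeof eventCodes.ACCESS_LIST_CREATE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_CREATE_FAILURE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_CREATE_FAILURE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_UPDATE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_UPDATE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_UPDATE_FAILURE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_UPDATE_FAILURE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_DELETE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_DELETE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_DELETE_FAILURE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_DELETE_FAILURE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_REVIEW]: RawEvent<
 typeof eventCodes.ACCESS_LIST_REVIEW,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_REVIEW_FAILURE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_REVIEW_FAILURE,
 {
 name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
@@ -1582,20 +1590,23 @@ export type RawEvents = {
 typeof eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST,
 {
 access_list_name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST_FAILURE]: RawEvent<
 typeof eventCodes.ACCESS_LIST_MEMBER_DELETE_ALL_FOR_ACCESS_LIST_FAILURE,
 {
 access_list_name: string;
+access_list_title: string;
 updated_by: string;
 }
 >;
 [eventCodes.USER_LOGIN_INVALID_ACCESS_LIST]: RawEvent<
 typeof eventCodes.USER_LOGIN_INVALID_ACCESS_LIST,
 {
 access_list_name: string;
+access_list_title: string;
 user: string;
 missing_roles: string[];
 }
@@ -1993,6 +2004,7 @@ type RawEventAccessList<T extends EventCode> = RawEvent<
 access_list_name: string;
 members: { member_name: string }[];
 updated_by: string;
+access_list_title: string;
 }
 >;
 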
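Review bot: `access_list_title` is declared as a required `string` in every event shape touched here, yet the formatters in makeEvent.ts read it as `access_list_title || name`, which only makes sense if the field can be missing or empty, presumably for events recorded before the field existed. Declaring it as `access_list_title?: string;` would make the type match the data and let the compiler flag any later use that forgets the fallback. The same applies to `RawEventAccessList` in the last hunk.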