Add protos for Identity Activity Center #54653
Merged
juliaogris merged 2 commits into master on May 12, 2025
tigrato reviewed on May 9, 2025
Comment on lines +6768 to +6786
| string client_id = 2; | ||
| string organization_name = 4; | ||
| google.protobuf.Timestamp start_date = 5 [ | ||
| (gogoproto.stdtime) = true, | ||
| (gogoproto.nullable) = false | ||
| ]; |
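Review bot: start_date at the end of this hunk is declared with (gogoproto.stdtime) = true and (gogoproto.nullable) = false, so in the generated Go code it is a plain time.Time and an unset value is indistinguishable from the zero time. No comment for the field is visible in these lines; add one that states what a zero start_date means for the export, for example whether it is rejected or replaced by a default, so the consumer does not have to guess.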
| message PluginGithubSettings { | ||
| option (gogoproto.equal) = true; | ||
|
|
||
| // APIEndpoint is the address of Github API. |
Contributor
This is only important if using GitHub Enterprise. It's worth adding to the doc.
| repeated AccessGraphAzureSync Azure = 3 [(gogoproto.jsontag) = "azure,omitempty"]; | ||
| } | ||
|
|
||
| message AccessGraphAWSSyncSQSPolling { |
Comment on lines +608 to +613
| // AWSCloudTrailResumeRegionState holds the state for a particular region. | ||
| message AWSCloudTrailResumeRegionState { | ||
| string next_page = 1; | ||
| optional string last_event_id = 2; | ||
| google.protobuf.Timestamp last_event_time = 3; | ||
| } |
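Review bot: the three fields of AWSCloudTrailResumeRegionState carry no comments, and last_event_id is declared optional while next_page is a plain string, so the resume semantics are left to the reader. Add per-field comments that state what an empty next_page means, whether last_event_id and last_event_time are used together to skip already-ingested events after a restart, and which field takes precedence when they disagree.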
Contributor
Suggested change
| // AWSCloudTrailResumeRegionState holds the state for a particular region. | |
| message AWSCloudTrailResumeRegionState { | |
| string next_page = 1; | |
| optional string last_event_id = 2; | |
| google.protobuf.Timestamp last_event_time = 3; | |
| } |
| // exporting GitHub audit log events from a client (ex.: a Teleport connector | ||
| // for GitHub) to the AccessGraphService. | ||
| // | ||
| // This stream facilitates: - Initial configuration exchange (e.g., setting |
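Review bot: on the last line of this hunk the first bullet runs on from its lead-in ("This stream facilitates: - Initial configuration exchange"), which reads as a list that was reflowed into a paragraph. Put each bullet on its own comment line so the list survives in generated documentation.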
Contributor
same comment as aws/teleport config and resume state responses are sent using two different messages
|
|
||
| //GitHubAuditLogV1 holds the events shared between the client and the server. | ||
| message GitHubAuditLogV1 { | ||
| repeated google.protobuf.Struct events = 1; |
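Review bot: events is declared as repeated google.protobuf.Struct, so the wire contract says nothing about what an audit log entry contains and the receiver has to validate every entry itself. Name in the message comment the keys the server depends on, or state that entries are forwarded as received. The comment also needs a space after the slashes: "// GitHubAuditLogV1 holds ...".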
| // GitHubConfigV1 specifies configuration settings for GitHub audit log exports, | ||
| // including the desired start date for log collection. | ||
| message GitHubConfigV1 { | ||
| google.protobuf.Timestamp start_date = 1; // Start date for exporting audit logs. |
| google.protobuf.Timestamp expires = 4; | ||
| // permissions are the token permissions. | ||
| repeated GithubTokenV1Permission permissions = 5; | ||
| string organization = 6; |
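Review bot: organization = 6 on the last line has no field comment, while permissions directly above it does. Since the message describes a token, say whether organization is the organization the token is scoped to or only a label, so callers do not treat it as an authorization boundary by assumption.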
juliaogris commented on May 9, 2025
| // enabled. | ||
| bool enable_bidirectional_sync = 10; | ||
| // Enable SIEM (Security Information and Event Management) integration. | ||
| bool enable_siem_integration = 11; |
Contributor Author
I will change this to:
    // Enable Okta system log export.
    bool enable_system_log_export = 11;
as well
mvbrock approved these changes on May 9, 2025
Add new and extend protos for the new Identity Activity Center feature in Access Graph. Identity centers around activities of users, allows easy correlation of log items by identity, target or type and proactively provides alerts such as impossible travel.
Fix according to review comments.
tigrato approved these changes on May 12, 2025
Add new and extend Protos for the new Identity Activity Center (IAC) feature in Access Graph. IAC exposes and analyzes activities of users, allows easy correlation of log items by identity, target or type and proactively provides alerts such as impossible travel.
Introduction of new Proto files for Okta and GitHub integrations, new configuration fields (e.g., SIEM (Security Information and Event Management) integration settings in Okta and AWS SQS polling settings), and extensive updates to gRPC service definitions and generated code for access graph services.
This is the first PR in a longer chain to merge the long-running PoC from the iac branches of various gravitational repos into the master branch.
Please take care reviewing the comments, I added them even though I didn't author all the related original code and might have gotten them wrong.
Link: https://github.com/gravitational/teleport/tree/iac