[v16] auditlog: introduce USER_KIND_SYSTEM for system roles#56178
Merged
tigrato merged 1 commit intobranch/v16from Jun 27, 2025
Merged
[v16] auditlog: introduce USER_KIND_SYSTEM for system roles#56178tigrato merged 1 commit intobranch/v16from
USER_KIND_SYSTEM for system roles#56178tigrato merged 1 commit intobranch/v16from
Conversation
* auditlog: introduce `USER_KIND_SYSTEM` for system roles Teleport allows that system roles perform certain actions like creating, updating or deleting users, roles and access lists when performed by the Okta integration or creating, updating and deleting apps, kube, dbs when performed by the discovery service. When #35881 was implemented, it only contemplated two states: bot or human. If the identity wasn't a bot, it was automatically tagged as a human. This behavior is fine if we only emited audit logs for actions performed by bots or users, but that's not the case. We also emit for certain system actions. When reading the audit log, one can see that the audit log is marked as user although the username has the format: `<uuid>.<teleportClusterName>`. This PR attempts to introduce a third user kind - system - that should identity when the action was performed by a system component. This is a requirement so that Identity Security can distinguish user actions and system actions. Signed-off-by: Tiago Silva <tiago.silva@goteleport.com> * add unit tests --------- Signed-off-by: Tiago Silva <tiago.silva@goteleport.com>
tigrato
added
the
no-changelog
rosstimothy
approved these changes
Jun 27, 2025
hugoShaka
approved these changes
Jun 27, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport of #56160 to branch/v16