add mount accessor to audit request and responses (#15342)

* add mount accessor to audit request and responses * add changelog * cleanup todo
hashicorp · May 12, 2022 · 854a6f4 · 854a6f4
1 parent 816036b
commit 854a6f4
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 16 deletions.
diff --git a/audit/format.go b/audit/format.go
@@ -115,6 +115,7 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config
 			ClientTokenAccessor: req.ClientTokenAccessor,
 			Operation:           req.Operation,
 			MountType:           req.MountType,
+			MountAccessor:       req.MountAccessor,
 			Namespace: &AuditNamespace{
 				ID:   ns.ID,
 				Path: ns.Path,
@@ -278,6 +279,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 			ClientTokenAccessor: req.ClientTokenAccessor,
 			Operation:           req.Operation,
 			MountType:           req.MountType,
+			MountAccessor:       req.MountAccessor,
 			Namespace: &AuditNamespace{
 				ID:   ns.ID,
 				Path: ns.Path,
@@ -293,14 +295,15 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config
 		},
 
 		Response: &AuditResponse{
-			MountType: req.MountType,
-			Auth:      respAuth,
-			Secret:    respSecret,
-			Data:      resp.Data,
-			Warnings:  resp.Warnings,
-			Redirect:  resp.Redirect,
-			WrapInfo:  respWrapInfo,
-			Headers:   resp.Headers,
+			MountType:     req.MountType,
+			MountAccessor: req.MountAccessor,
+			Auth:          respAuth,
+			Secret:        respSecret,
+			Data:          resp.Data,
+			Warnings:      resp.Warnings,
+			Redirect:      resp.Redirect,
+			WrapInfo:      respWrapInfo,
+			Headers:       resp.Headers,
 		},
 	}
 
@@ -343,6 +346,7 @@ type AuditRequest struct {
 	ReplicationCluster            string                 `json:"replication_cluster,omitempty"`
 	Operation                     logical.Operation      `json:"operation,omitempty"`
 	MountType                     string                 `json:"mount_type,omitempty"`
+	MountAccessor                 string                 `json:"mount_accessor,omitempty"`
 	ClientToken                   string                 `json:"client_token,omitempty"`
 	ClientTokenAccessor           string                 `json:"client_token_accessor,omitempty"`
 	Namespace                     *AuditNamespace        `json:"namespace,omitempty"`
@@ -357,14 +361,15 @@ type AuditRequest struct {
 }
 
 type AuditResponse struct {
-	Auth      *AuditAuth             `json:"auth,omitempty"`
-	MountType string                 `json:"mount_type,omitempty"`
-	Secret    *AuditSecret           `json:"secret,omitempty"`
-	Data      map[string]interface{} `json:"data,omitempty"`
-	Warnings  []string               `json:"warnings,omitempty"`
-	Redirect  string                 `json:"redirect,omitempty"`
-	WrapInfo  *AuditResponseWrapInfo `json:"wrap_info,omitempty"`
-	Headers   map[string][]string    `json:"headers,omitempty"`
+	Auth          *AuditAuth             `json:"auth,omitempty"`
+	MountType     string                 `json:"mount_type,omitempty"`
+	MountAccessor string                 `json:"mount_accessor,omitempty"`
+	Secret        *AuditSecret           `json:"secret,omitempty"`
+	Data          map[string]interface{} `json:"data,omitempty"`
+	Warnings      []string               `json:"warnings,omitempty"`
+	Redirect      string                 `json:"redirect,omitempty"`
+	WrapInfo      *AuditResponseWrapInfo `json:"wrap_info,omitempty"`
+	Headers       map[string][]string    `json:"headers,omitempty"`
 }
 
 type AuditAuth struct {

diff --git a/changelog/15342.txt b/changelog/15342.txt
@@ -0,0 +1,3 @@
+```release-note:improvement
+audit: Include mount_accessor in audit request and response logs
+```