Skip to content

[Feature] Audit

CxJ edited this page Sep 27, 2022 · 1 revision

Audit

Audit is a critical feature for enterprises and many industries require audit capabilities for compliance, and many businesses require it internally for security best practices. To ensure Arlon does not create a complicated audit environment with actions occurring in disparate tools Arlon will implement a strict audit capability, including events for:

  • All user invocations of the CLI including create cluster, update, delete. Profile create, update and delete.
  • Changes to Arlon CRs made in the management clusters.
  • A "change" is detected, where a change is one of:
    • User edits a Arlon managed object on a cluster or in the management cluster.
    • A User updates Git. A user updates a ClusterSpec or Profile using Arlon CLI.
  • When a user runs a Diff

The audit trail should contain details such as:

  • is detected and contain where the change is (GitRepo or Cluster)
  • When ArgoCD Sync, replace, repair, prune actions are made, either manually or automated
  • Audits should store a history of the Diff, at a minimum the actual Diff (which lines were not matching)
  • Audit logs should be saved in Arlon and support sending the events to an external system via at a minimum web hook.

Cluster Enforcement Mode & Audit Options By default Enforced and Monitored mode clusters will automatically log audit events. Users need to optionally enable Audit for unmanaged clusters.