Skip to content

[Backend] Set instance-level external audit event destination

Implementation plan

Since there could be a possibility of having multiple external destinations for instance level audit events, following implementation plan is proposed.

  1. Add a new table with name "instance_audit_events_external_destinations", with following attributes:
    1. destination_url: text, limit 255, not null.
    2. verification_token: text.
  2. For GraphQL API:
    1. Create new mutations instanceAuditEventExternalDestinationCreate, instanceAuditEventExternalDestinationUpdate, instanceAuditEventExternalDestinationDestroy and query instanceAuditEventExternalDestination for performing CRUD operations on the above table. Details of GraphQL mutations and queries are mentioned in later section.
    2. For authentication, user must be an admin of the instance.
  3. No need to create REST APIs or make any changes to existing REST APIs, these will be similar to CI/CD and some other settings.
  4. Feature will be behind a feature flag ff_external_audit_events.
  5. This feature will be available for only ultimate customers under the existing the feature with name external_audit_events.

GraphQL queries:

  1. Create destination:
mutation {
  instanceAuditEventExternalDestinationCreate(input: { destinationUrl: "https://example.com/hello". verificationToken: "f4242Qadaf" }) {
    errors
    instanceAuditEventExternalDestination {
      id
      destinationUrl
      verificationToken
    }
  }
}
  1. List destinations:
query {
  instanceAuditEventExternalDestination {
    nodes {
      destinationUrl
      verificationToken
      id
    }
  }
}
  1. Update destination:
mutation {
  instanceAuditEventExternalDestinationUpdate(input: { id: destination_id, destinationUrl: "https://example.com/hello". verificationToken: "f4242Qadaf" }) {
    errors
    instanceAuditEventExternalDestination {
      id
      destinationUrl
      verificationToken
    }
  }
}
  1. Destroy destination:
mutation {
  instanceAuditEventExternalDestinationDestroy(input: { id: destination_id }) {
    errors
  }
}
Edited by Hitesh Raghuvanshi