Resolve "Revoked/Created agent access tokens should fire audit events" (!112036) · Merge requests · GitLab.org / GitLab

Timo Furrer requested to merge 382133-revoked-created-agent-access-tokens-should-fire-audit-events into master Feb 15, 2023

What does this MR do and why?

This change set introduces two new audit events:

cluster_agent_token_created
cluster_agent_token_revoked

Those events are emitted in the Clusters::AgentTokens::CreateService and Clusters::AgentTokens::RevokeService, respectively.

The RevokeService is also implemented in this MR to share the revocation logic between the REST and GraphQL API.

Screenshots or screen recordings

How to set up and validate locally

Create Project
Create Kubernetes Cluster Agent
Create Token for that agent
Check audit events via UI (Security & Compliance -> Audit Events) or API

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #382133 (closed)

Edited Feb 15, 2023 by Timo Furrer

Resolve "Revoked/Created agent access tokens should fire audit events"

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports