Skip to content

Resolve "Revoked/Created agent access tokens should fire audit events"

What does this MR do and why?

This change set introduces two new audit events:

  • cluster_agent_token_created
  • cluster_agent_token_revoked

Those events are emitted in the Clusters::AgentTokens::CreateService and Clusters::AgentTokens::RevokeService, respectively.

The RevokeService is also implemented in this MR to share the revocation logic between the REST and GraphQL API.

Screenshots or screen recordings


How to set up and validate locally

  1. Create Project
  2. Create Kubernetes Cluster Agent
  3. Create Token for that agent
  4. Check audit events via UI (Security & Compliance -> Audit Events) or API

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #382133 (closed)

Edited by Timo Furrer

Merge request reports