Implement Audit events for policy management operations
What does this MR do and why?
We would like to collect audit events when a security policy is created/updated/deleted. For centralized management, audit events are scoped to the security policy project.
Implementation
One security policy project can be linked to multiple projects. When the policy.yml is updated, we update the security policies for each project using the policy.yml.
However, when creating audit events, we would like to avoid duplicates. Therefore, when processing policy.yml, we are collecting audit events only for the first project linked to the security policy project.
References
Screenshots or screen recordings
| Before | After |
|---|---|
 |
How to set up and validate locally
- Navigate to "Secure => Policies" for a project
- Create/Update/Delete a security policy
- Go to the "Security policy project"
- Navigate to "Secure => Audit events"
- Audit event with for the policy management operations are generated
MR acceptance checklist
Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.
Related to #539230 (closed)
Edited by Imam Hossain