Mistral

Hide sensitive data from http actions logs

Registered by Oleg Ovcharuk

For now, Mistral has no instruments for hiding sensitive data from http action logs.
It could lead to the problem, when customer sensitive data (e.g. some tokens) could be accessible for everyone who had access to logs.
HTTP action could have this sensitive information:
* Request Headers
* Request Body
* Response Body

We should create an ability to configure what we should hide from mistral logs.

Example of how it could be configured:

[action_logging]
hide_response_body = true
hide_request_body = true
sensitive_headers = Header1, Header2

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Oleg Ovcharuk
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.opendev.org/#/q/topic:bp/mistral-hide-sensitive-data-from-http-actions-logs

Addressed by: https://review.opendev.org/c/openstack/mistral/+/864745
    Add an ability to hide sensitive data from http action logs

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.
Edit subscription

Subscribers

No subscribers.