WriteRequestBodies profile for API audit logs is exposing user and serviceaccount tokens in OpenShift Container Platform 4.

Solution Verified - Updated -

Issue

Changing the default profile setting for API audit logs to WriteRequestBodies increases the amount of information the logs store. Some of these logs contain user and serviceaccount traces or token information that could represent a security risk. Therefore, it is important to filter them.
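
Added example (not part of the original solution and not Red Hat's code): one way to filter token-like values out of audit events before they are stored or forwarded. It assumes events are JSON lines with requestObject/responseObject bodies, that user tokens carry a "sha256~" prefix and serviceaccount tokens are JWTs; the sample events and token values are constructed.

```python
import json
import re

# Assumed token shapes (not stated on the page): OAuth user tokens with a
# "sha256~" prefix, serviceaccount tokens as three-part JWTs.
TOKEN_RE = re.compile(
    r"sha256~[A-Za-z0-9_-]{20,}"
    r"|eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+"
)
BODY_FIELDS = ("requestObject", "responseObject")  # bodies added by the profile

def redact(node, path, hits):
    """Return a copy of node with token-like strings masked; record JSON paths."""
    if isinstance(node, dict):
        return {k: redact(v, f"{path}.{k}", hits) for k, v in node.items()}
    if isinstance(node, list):
        return [redact(v, f"{path}[{i}]", hits) for i, v in enumerate(node)]
    if isinstance(node, str) and TOKEN_RE.search(node):
        hits.append(path)
        return TOKEN_RE.sub("[REDACTED]", node)
    return node

def filter_audit_line(line):
    """Redact one audit event (JSON line); return (clean_line, finding_paths)."""
    event = json.loads(line)
    hits = []
    for field in BODY_FIELDS:
        if field in event:
            event[field] = redact(event[field], field, hits)
    return json.dumps(event, sort_keys=True), hits

# Constructed sample events; every token value below is fake.
SAMPLE = [json.dumps(e) for e in (
    {"kind": "Event", "level": "RequestResponse", "verb": "create",
     "objectRef": {"resource": "serviceaccounts", "subresource": "token"},
     "responseObject": {"kind": "TokenRequest", "status": {
         "token": "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJkZW1vIn0.c2lnbmF0dXJl"}}},
    {"kind": "Event", "level": "RequestResponse", "verb": "create",
     "objectRef": {"resource": "tokenreviews"},
     "requestObject": {"kind": "TokenReview",
                       "spec": {"token": "sha256~" + "A" * 43}}},
    {"kind": "Event", "level": "Metadata", "verb": "get",
     "objectRef": {"resource": "pods", "namespace": "demo"}},
)]

if __name__ == "__main__":
    for raw in SAMPLE:
        clean, hits = filter_audit_line(raw)
        print(hits or "clean", clean)
```

The recorded JSON paths show which resources and fields carried tokens, which helps decide where the filter has to sit in the log pipeline.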

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.6 to 4.11
