WriteRequestBodies profile for API audit logs is exposing user and serviceaccount tokens in OpenShift Container Platform 4.
Issue
Changing the default profile setting for API audit logs to WriteRequestBodies increases the amount of information the logs store. Some of these logs contain user and serviceaccount traces or token information that could represent a security risk. Therefore, it is important to filter them.
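One way to check whether audit logs already collected under this profile contain token material, as an added example that is not part of the original article: the script scans audit events (one JSON object per line) and reports which event and field hold a token-like string, without copying the value. The token patterns, the sample events and the function names are assumptions of this example.

```python
import json
import re

# Heuristics assumed by this example (not from the article): a JWT-shaped
# string (service account tokens) or the "sha256~" OAuth token prefix.
TOKEN_RE = re.compile(
    r"eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}"
    r"|sha256~[A-Za-z0-9_-]{20,}"
)

def walk(node, path):
    """Yield (json_path, value) for every string leaf under node."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from walk(value, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node

def find_token_events(lines):
    """Locate token-like strings in logged bodies without copying them."""
    findings = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or non-JSON line
        for body in ("requestObject", "responseObject"):
            for path, value in walk(event.get(body), body):
                if TOKEN_RE.search(value):
                    findings.append({
                        "auditID": event.get("auditID"),
                        "user": (event.get("user") or {}).get("username"),
                        "resource": (event.get("objectRef") or {}).get("resource"),
                        "field": path,
                    })
    return findings

# Constructed sample events; FAKE is a JWT-shaped placeholder, not a real token.
FAKE = "eyJDT05TVFJVQ1RFRA.eyJDT05TVFJVQ1RFRA.Q09OU1RSVUNURUQtU0lH"
SAMPLE = [
    json.dumps({"auditID": "a-1", "objectRef": {"resource": "tokenreviews"},
                "user": {"username": "system:serviceaccount:demo:builder"},
                "requestObject": {"kind": "TokenReview", "spec": {"token": FAKE}}}),
    json.dumps({"auditID": "a-2", "objectRef": {"resource": "pods"}}),
    "truncated {",
]
```

Calling `find_token_events(SAMPLE)` returns a single finding for event `a-1` at `requestObject.spec.token`; any event reported this way on a real cluster points at a credential that should be treated as exposed to everyone with read access to the audit logs.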
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4.6 to 4.11