New

Cloud Manager Audit events

Brad_morris · 2024-10-16T23:45:31+00:00

Request for Feature Enhancement (RFE) Summary: Extend the Cloud Manager events to include Audit related events Use-case: I want to be able to monitor changes to environment variables, domains, ip whitelisting etc... Current/Experienced Behavior: There is no audit trail of changes by users Improved/Expected Behavior: Events are to provide the user, change area, previous value, new value and time of change Environment Details (AEM version/service pack, any other specifics if applicable): Cloud Manager Customer-name/Organization name: Spark New Zealand Screenshot (if applicable): Not applicable, not currently provided Code package (if applicable):

Forum|Forum|1 year ago
October 16, 2024
5 replies
696 views

Request for Feature Enhancement (RFE) Summary:	Extend the Cloud Manager events to include Audit related events
Use-case:	I want to be able to monitor changes to environment variables, domains, ip whitelisting etc...
Current/Experienced Behavior:	There is no audit trail of changes by users
Improved/Expected Behavior:	Events are to provide the user, change area, previous value, new value and time of change
Environment Details (AEM version/service pack, any other specifics if applicable):	Cloud Manager
Customer-name/Organization name:	Spark New Zealand
Screenshot (if applicable):	Not applicable, not currently provided
Code package (if applicable):

RiteshY18

Community Advisor

suggestion, this could be done using Adobe IO Reading Cloud Manager API and Events - but will be custom application deployed on cloud / server less @brad_morris

B

Brad_morrisAuthor

Thanks yes i'm aware of the API's, but the API's will only give me the state and not the change event. The events supported currently only relate to pipelines.

RiteshY18

Community Advisor

@brad_morris Cloud Manager API that allows you to retrieve information on pipeline executions, environments, branches, domains, IP whitelisting, execution and others can be used for tracking, what specific you want to capture here

B

Brad_morrisAuthor

@riteshy18 , yes I am aware I have tested this API.

Via the API Approach, if I have an environment variable thats been changed, I would need to perform analysis on the variables to determine the change over time which may be long after its changed, additionally if this environment variable is a secret then we have no mechanism to track change. Therefore an event which indicates change would allow us to understand and track a change has occurred. Cloud Manager events exist today, so extending them to allow for the subscription of change would be the minimum.
Considering there is no audit report in Cloud manager and no way to stream logs, its the one part of AEMaaCS which does not have enough auditing or logging capabilities for change management. Considering the changes that could occur in Cloud Manager, it could have extreme consequences for businesses.

EG: Environment Variable secret:

{

"name": "ACCESS_KEY",

"type": "secretString",

"service": "",

"status": "ready"

},

RiteshY18

Community Advisor

yes i agree about current API limitation however my point was most of key features / access can be done using API and have custom solution including historical logs , events etc.

Your use case is for Monitoring or specific to event audit which is nothing but a requirement to see who did what, when, and where.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded