audit: provide the ability to redact specific fields from being saved in the audit db
scarlettperry opened this issue · comments
Scarlett Perry commented
Description
In the audit DB, we save the request and response of an API call as metadata. We currently have the ability to redact the entire request and response field values from being saved in the audit db if it contains sensitive data.
Example
clutch/api/authn/v1/authn.proto
Lines 26 to 30 in 83c47c8
However, it would be great to be able to specify which specific fields should be redacted so that the non-sensitive values can be preserved in the audit db. An example use case of this raised in #1201.
Complexity [S/M/L]: S