Auditing User Authentication and Authorization
To meet compliance and regulation objectives, you can audit the user interactions through the Kloudfuse observability platform.
To monitor both authentication and authorization services in the Kloudfuse UI data plane, contact the Kloudfuse support team. See Support.
Optionally, users with admin privileges can access the relevant logs on the command line; see Authentication Auditing and Authorization Auditing.
Authentication Auditing
For authentication, the administrator can view the user login interactions in the kfuse-auth deployment logs.
kubectl logs -n kfuse deployment/kfuse-authAuthorization Auditing
For authorization, the RBAC configuration enables the administrators to examing the logs of user-mgmt-service to view the user actions on the various Kloudfuse resources.
kubectl logs -n kfuse deployment/user-mgmt-serviceAudit Logs
To be able to view audit logs in the UI, first enable these features in your cluster custom-values.yaml configuration file:
global:
RBACEnabled: true
EnableAuditLogs: true
EnableAuditSelfIngest: trueThese three settings work together as dependencies: EnableAuditSelfIngest requires EnableAuditLogs to be enabled, which in turn requires RBACEnabled. This configuration enables RBAC authentication for all operations, captures audit logs for mutation operations, and ingests those logs into Kloudfuse so they are viewable in the Logs section of the UI.
After applying these configurations and updating your cluster, you can view the audit logs in the Logs section by filtering with audit_log="true" or by source using Core:source="kf-audit-log".
