Audit user authentication and authorization

User auditing is possible for both authentication and authorization

For authentication, the administrator can view the user login logs in the kfuse-auth deployment logs.

kubectl logs -n kfuse deployment/kfuse-auth

For authorization, with the RBAC configured the administrators can use the logs of user-mgmt-service to view the user actions performed on various Kloudfuse resources.

kubectl logs -n kfuse deployment/user-mgmt-service

 

Optionally, the administrator can choose to monitor both the services in the Kloudfuse data plane. This is not configured by default. Please consult with Kloudfuse team to accomplish this.