io.confluent.security.audit

Class AuditLogUtils

java.lang.Object

io.confluent.security.audit.AuditLogUtils

public class AuditLogUtils
extends Object

Field Summary

Fields

Modifier and Type	Field and Description
static String	AUTHENTICATION_EVENT_NAME
static String	AUTHENTICATION_FAILED_EVENT_USER

Constructor Summary

Constructors

Constructor and Description
AuditLogUtils()

Method Summary

Modifier and Type	Method and Description
static io.confluent.protobuf.events.auditlog.v2.AuditLog	auditLog(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent, AuditExtractorOptions extractorOptions, boolean hasAuthorizationFailure, boolean validateOnly, com.google.protobuf.Struct requestData, io.confluent.protobuf.events.auditlog.v2.Result.Status status, com.google.protobuf.Struct resultData, List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef> typedCloudResourceRefList, String resourceCrn)
static io.confluent.security.audit.AuditLogEntry	authenticationEvent(io.confluent.kafka.security.audit.event.ConfluentAuthenticationEvent authenticationEvent, ConfluentServerCrnAuthority crnAuthority)
static io.confluent.security.audit.AuditLogEntry	authenticationEvent(io.confluent.kafka.security.audit.event.ConfluentAuthenticationEvent authenticationEvent, org.apache.kafka.common.security.auth.KafkaPrincipal originalPrincipal, ConfluentServerCrnAuthority crnAuthority, boolean omitClientAddress)
static io.confluent.security.audit.AuditLogEntry	authorizationEvent(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent, ConfluentServerCrnAuthority crnAuthority)
static io.confluent.security.audit.AuditLogEntry	authorizationEvent(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent, org.apache.kafka.common.security.auth.KafkaPrincipal originalPrincipal, ConfluentServerCrnAuthority crnAuthority, boolean omitClientAddress)
static Optional<io.confluent.protobuf.events.auditlog.v2.FullyQualifiedCloudResourceRef>	cloudResourceRef(List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef> typedCloudResourceRefList)
static boolean	hasAuthorizationFailure(short errorCode)
static String	methodName(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent)
static String	methodName(org.apache.kafka.server.audit.KafkaRequestEvent kafkaRequestEvent)
static String	requestCrn(ConfluentServerCrnAuthority crnAuthority, org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)
static String	requestResourceCrn(ConfluentServerCrnAuthority crnAuthority, org.apache.kafka.server.audit.KafkaRequestEvent requestEvent, io.confluent.security.authorizer.ResourcePattern resourcePattern)
static io.confluent.crn.ConfluentResourceName.Element	resourceNameElement(io.confluent.security.audit.AuditLogEntry entry) This returns the last element of the resource in the "resourceName" field.
static List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef>	typedCloudResourceRefList(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)
static io.confluent.protobuf.events.auditlog.v2.RequestMetadata	v2RequestMetadata(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent, AuditExtractorOptions extractorOptions)
static io.confluent.protobuf.events.auditlog.v2.Principal	v2SchemaPrincipal(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

AUTHENTICATION_FAILED_EVENT_USER

public static final String AUTHENTICATION_FAILED_EVENT_USER

See Also:

Constant Field Values

AUTHENTICATION_EVENT_NAME

public static final String AUTHENTICATION_EVENT_NAME

See Also:

Constant Field Values

Constructor Detail

AuditLogUtils

public AuditLogUtils()

Method Detail

authorizationEvent

public static io.confluent.security.audit.AuditLogEntry authorizationEvent(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent,
                                                                           ConfluentServerCrnAuthority crnAuthority)
                                                                    throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

authorizationEvent

public static io.confluent.security.audit.AuditLogEntry authorizationEvent(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent,
                                                                           org.apache.kafka.common.security.auth.KafkaPrincipal originalPrincipal,
                                                                           ConfluentServerCrnAuthority crnAuthority,
                                                                           boolean omitClientAddress)
                                                                    throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

methodName

public static String methodName(io.confluent.security.authorizer.provider.ConfluentAuthorizationEvent authorizationEvent)

resourceNameElement

public static io.confluent.crn.ConfluentResourceName.Element resourceNameElement(io.confluent.security.audit.AuditLogEntry entry)
                                                                          throws io.confluent.crn.CrnSyntaxException

This returns the last element of the resource in the "resourceName" field.

Throws:

io.confluent.crn.CrnSyntaxException

authenticationEvent

public static io.confluent.security.audit.AuditLogEntry authenticationEvent(io.confluent.kafka.security.audit.event.ConfluentAuthenticationEvent authenticationEvent,
                                                                            ConfluentServerCrnAuthority crnAuthority)
                                                                     throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

authenticationEvent

public static io.confluent.security.audit.AuditLogEntry authenticationEvent(io.confluent.kafka.security.audit.event.ConfluentAuthenticationEvent authenticationEvent,
                                                                            org.apache.kafka.common.security.auth.KafkaPrincipal originalPrincipal,
                                                                            ConfluentServerCrnAuthority crnAuthority,
                                                                            boolean omitClientAddress)
                                                                     throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

auditLog

public static io.confluent.protobuf.events.auditlog.v2.AuditLog auditLog(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent,
                                                                         AuditExtractorOptions extractorOptions,
                                                                         boolean hasAuthorizationFailure,
                                                                         boolean validateOnly,
                                                                         com.google.protobuf.Struct requestData,
                                                                         io.confluent.protobuf.events.auditlog.v2.Result.Status status,
                                                                         com.google.protobuf.Struct resultData,
                                                                         List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef> typedCloudResourceRefList,
                                                                         String resourceCrn)
                                                                  throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

requestCrn

public static String requestCrn(ConfluentServerCrnAuthority crnAuthority,
                                org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)
                         throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

methodName

public static String methodName(org.apache.kafka.server.audit.KafkaRequestEvent kafkaRequestEvent)

requestResourceCrn

public static String requestResourceCrn(ConfluentServerCrnAuthority crnAuthority,
                                        org.apache.kafka.server.audit.KafkaRequestEvent requestEvent,
                                        io.confluent.security.authorizer.ResourcePattern resourcePattern)
                                 throws io.confluent.crn.CrnSyntaxException

Throws:

io.confluent.crn.CrnSyntaxException

v2SchemaPrincipal

public static io.confluent.protobuf.events.auditlog.v2.Principal v2SchemaPrincipal(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)

hasAuthorizationFailure

public static boolean hasAuthorizationFailure(short errorCode)

v2RequestMetadata

public static io.confluent.protobuf.events.auditlog.v2.RequestMetadata v2RequestMetadata(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent,
                                                                                         AuditExtractorOptions extractorOptions)

cloudResourceRef

public static Optional<io.confluent.protobuf.events.auditlog.v2.FullyQualifiedCloudResourceRef> cloudResourceRef(List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef> typedCloudResourceRefList)

typedCloudResourceRefList

public static List<io.confluent.protobuf.events.auditlog.v2.TypedCloudResourceRef> typedCloudResourceRefList(org.apache.kafka.server.audit.KafkaRequestEvent requestEvent)