Add user_id,project_id traits to audit events

The ceilometer audit events stored at the ceilometer database currently don't have user_id/project_id associated with them even though this information is available as part of the event message payload. The user_id and project_id information has to be stored as traits so that there's user/project context for each event and these traits are required to apply RBAC-based rules and filters on events. For eg., presence of these traits enable db queries - like get all events for a project/user against events. The audit event definition in the events yaml file already stores payload.initiator.id as initiator_id but the initiator_id trait is not a common trait across all events and thus this trait cannot be used to apply RBAC filter against events.This changeset will thus add user_id and project_id traits to the audit events namely *.http.* and add useri_id and project_id as default traits for all events. DocImpact Change-Id: If4034342c4e60d519f0ec96ae8895dcf78f8ad3b blueprint: events-rbac
2015-08-11 13:17:15 +02:00 · 2015-08-11 13:17:15 +02:00 · 6a532111bc
commit 6a532111bc
parent c18d69a800
3 changed files with 12 additions and 0 deletions
--- a/ceilometer/event/converter.py
+++ b/ceilometer/event/converter.py
@ -154,6 +154,12 @@ class EventDefinition(object):
    DEFAULT_TRAITS = dict(
        service=dict(type='text', fields='publisher_id'),
        request_id=dict(type='text', fields='_context_request_id'),
+        project_id=dict(type='text', fields=['payload.tenant_id',
+                                             '_context_tenant']),
+        user_id=dict(type='text', fields=['payload.user_id',
+                                          '_context_user_id']),
+        # TODO(dikonoor):tenant_id is old terminology and should
+        # be deprecated
        tenant_id=dict(type='text', fields=['payload.tenant_id',
                                            '_context_tenant']),
    )
--- a/doc/source/events.rst
+++ b/doc/source/events.rst
@ -126,6 +126,8 @@ all events if the notification has the relevant data:
 * service:  (All notifications should have this) notification's publisher
 * tenant_id
 * request_id
+* project_id
+* user_id

 These do not have to be specified in the event definition, they are
 automatically added, but their definitions can be overridden for a given
--- a/etc/ceilometer/event_definitions.yaml
+++ b/etc/ceilometer/event_definitions.yaml
@ -331,6 +331,10 @@
      fields: ['payload.ipsec_site_connection.id', 'payload.id']
 - event_type: '*http.*'
  traits: &http_audit
+    project_id:
+      fields: payload.initiator.project_id
+    user_id:
+      fields: payload.initiator.id
    typeURI:
      fields: payload.typeURI
    eventType: