Open sashee opened 1 year ago
That's correct, when AppSync logs the context object, sensitive information is removed from the log message. However, we do not edit/redact any information that is logged via console.log functions. The identity data and header data is made available in the context to allow developers to take specific action based on the values.
The `ctx.request.headers.authorization` contains the exact authorization header that the client sent in the request. This is very sensitive information, as it allows anybody who can read it to send requests impersonating the user with that token. And since it's included in the context, it's very easy to accidentally log it:

payload

or with a direct lambda resolver and then log the event (very common for debugging):

I think since the context already contains the `identity` with all important information about the caller, the authorization header should be removed or at least truncated.

Interestingly, AppSync resolver logging omits this:

And at the end of the request, it is truncated:
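The accidental-logging case the issue describes (a direct Lambda resolver that logs the whole event) can be mitigated on the developer side until the platform changes. The following Node.js handler is an added example, not code from the issue or from AWS: it logs a copy of the event with the `Authorization` header truncated to a short prefix, the way the report says AppSync's own resolver logging does. The event shape (`request.headers`, `identity`, `arguments`) follows what a direct Lambda resolver receives; the `SAMPLE_EVENT`, its token value and the header list are constructed for illustration.

```javascript
// Added example: redact sensitive headers before logging an AppSync
// direct Lambda resolver event. Not part of the original issue.

// Header names (lower-cased) that must never reach the log verbatim.
// This list is an assumption chosen for the example.
const SENSITIVE_HEADERS = new Set(["authorization", "x-api-key", "cookie"]);

// Keep a short prefix so entries stay correlatable across log lines,
// but never the part of the token that would let a reader replay it.
function truncateSecret(value, keep = 8) {
  if (typeof value !== "string") return value;
  if (value.length <= keep) return "[redacted]";
  return `${value.slice(0, keep)}...[redacted ${value.length - keep} chars]`;
}

// Return a deep copy of the event with sensitive headers masked.
// The original object is untouched so resolver logic can still use it.
function redactEvent(event) {
  const copy = JSON.parse(JSON.stringify(event));
  const headers = copy && copy.request && copy.request.headers;
  if (headers && typeof headers === "object") {
    for (const name of Object.keys(headers)) {
      if (SENSITIVE_HEADERS.has(name.toLowerCase())) {
        headers[name] = truncateSecret(headers[name]);
      }
    }
  }
  return copy;
}

// Direct Lambda resolver handler: log the redacted copy, not the raw event.
async function handler(event) {
  console.log(JSON.stringify(redactEvent(event)));
  // The identity block already carries what is needed to act on the caller.
  const sub = event.identity ? event.identity.sub : null;
  return { callerSub: sub };
}

// Constructed sample event; the token is a made-up placeholder, not a real JWT.
const SAMPLE_EVENT = {
  arguments: { id: "123" },
  identity: { sub: "example-user-sub", username: "alice" },
  request: {
    headers: {
      authorization: "eyJhbGciOiJIUzI1NiJ9.example.payload.signature",
      "content-type": "application/json",
    },
  },
};

if (typeof module !== "undefined") {
  module.exports = { handler, redactEvent, truncateSecret, SAMPLE_EVENT };
}
```

With `SAMPLE_EVENT`, the logged line carries `"authorization": "eyJhbGci...[redacted 38 chars]"` while the handler still reads the caller's `sub` from `identity`, which is the point the issue makes: the identity block, not the raw header, is what a resolver normally needs.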