Open jbelkins opened 3 weeks ago
Currently HTTP headers are logged at the info level for requests, i.e.
info
Authorization: AWS4-HMAC-SHA256 Credential=ASIAZXCVBNMASEXAMPLE/20240610/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token,
Customers would prefer not to have their AWS Key ID in the logs.
If another authentication method such as bearer token is used in the future, this issue could become more severe if not handled.
IDs and secrets for AWS or other credentials should not be logged.
AWS key ID is currently logged at the info level.
Use SDK to make AWS request with logging at the info level. Observe logged values for HTTP headers.
Redact sensitive strings from log statements as part of the logging process
No response
main
latest
0.2 is for investigation - ask other SDKs on what they do with authorization header when logging
Describe the bug
Currently HTTP headers are logged at the
info
level for requests, i.e.Customers would prefer not to have their AWS Key ID in the logs.
If another authentication method such as bearer token is used in the future, this issue could become more severe if not handled.
Expected Behavior
IDs and secrets for AWS or other credentials should not be logged.
Current Behavior
AWS key ID is currently logged at the
info
level.Reproduction Steps
Use SDK to make AWS request with logging at the
info
level. Observe logged values for HTTP headers.Possible Solution
Redact sensitive strings from log statements as part of the logging process
Additional Information/Context
No response
AWS SWIFT SDK version used
main
Compiler and Version used
latest
Operating System and version
latest