hashicorp / nomad

Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
https://www.nomadproject.io/

Add ACL Authentication and Authorization Metrics to Nomad #24142

Open econsult-devops opened 15 hours ago

econsult-devops commented 15 hours ago

Proposal

Hello,

While configuring alerts for my Nomad cluster, I noticed that there are no existing metrics to track ACL-related events. Specifically, I am interested in monitoring denied RPC requests due to insufficient permissions.

It would be very useful to have built-in metrics that provide insights into authentication and authorization failures, including failed RPC requests due to ACL violations. This would enable more proactive alerting without relying on log scanning, which currently requires setting the log level to debug to capture failed authentication attempts—a less-than-ideal solution due to the increased verbosity.

Use-cases

The primary use case is to enhance security monitoring and infrastructure management by making it easier to detect and respond to failed authentication or authorization attempts. This could help identify potential security breaches or misconfigurations in a more efficient manner than parsing debug logs.

tgross commented 15 hours ago

Just leaving a note here that we'll want to consider how much this feature request overlaps with the Nomad Enterprise audit feature.