Open ofer-haim opened 1 year ago
Hello, In the input plugin I see exposure of the access_key_id: https://github.com/logstash-plugins/logstash-integration-aws/blob/main/lib/logstash/plugin_mixins/aws_config/generic.rb#L18
Isn't it supposed to be masked? Without having this field defined as 'password' instead of 'string' the access_key_id is being printed to logs. This is define is PII in AWS documentation: https://docs.aws.amazon.com/comprehend/latest/dg/how-pii.html#how-pii-redact
Hello, In the input plugin I see exposure of the access_key_id: https://github.com/logstash-plugins/logstash-integration-aws/blob/main/lib/logstash/plugin_mixins/aws_config/generic.rb#L18
Isn't it supposed to be masked? Without having this field defined as 'password' instead of 'string' the access_key_id is being printed to logs. This is define is PII in AWS documentation: https://docs.aws.amazon.com/comprehend/latest/dg/how-pii.html#how-pii-redact