Conversation
…slf4j-api dependency in the agent
…PAYLOAD_TAGGING config settings
…ath to jsurfer-core
Remove all extra dependencies for JsonPath logic. Avoid Json materialization, traverse using event-based Moshi JsonReader.
…RACE_CLOUD_PAYLOAD_TAGGING_MAX_TAGS
This reverts commit ee673c2.
…nsumption. Add support for reading array of bytes.
….Visitor as a more generic TagCollector
… test. PathCursor clean up.
Remove some unnecessary accidental changes.
amarziali
reviewed
Nov 4, 2024
| requestSensitivePaths.removeAll(commonSensitivePaths); | ||
| responseSensitivePaths.removeAll(commonSensitivePaths); | ||
|
|
||
| System.out.println("\nCommon sensitive paths:\n" + String.join("\n", commonSensitivePaths)); |
Contributor
There was a problem hiding this comment.
Those sysout might be removed or converted to different logging? Edit: perhaps is on purpose since it's on a internal utility
Contributor
Author
There was a problem hiding this comment.
The tool is internal and is for extracting redaction rules from AWS JSON schemas. Kept this mostly for reference and in case we want to automate this in the future.
amarziali
approved these changes
Nov 4, 2024
5 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What Does This Do
AWS Payload Tag Extraction
Adds functionality to capture AWS JSON response/request payload and convert it to span tags while applying default and user defined redaction rules. It also tries to expand any possibly embedded JSON-like string and binary data.
Aside from the original PR, which was just capturing a raw response/request body and trying to parse it as JSON, it takes a different approach to tackling this by using SdkPojo for top-level field traversal, which allows us to:
Motivation
Having the ability to see data that was passed into an HTTPS payload from one service to the other.
Help customers (especially those who are using serverless architecture) reproduce and resolve bugs in their serverless compute code or configuration.
Additional Notes
Supersedes #7312
Jira ticket: AIDM-174
NodeJS: DataDog/dd-trace-js#4309
Python: DataDog/dd-trace-py#10642
TODOExample 1: S3
Example 2: Sso
(manually enabled with custom redaction rules)
TODO
Contributor Checklist
type:and (comp:orinst:) labels in addition to any usefull labelsclose,fixor any linking keywords when referencing an issue.Use
solvesinstead, and assign the PR milestone to the issueJira ticket: [PROJ-IDENT]