Skip to content

Commit f554c5c

Browse files
tlhunterrochdev
tlhunter
authored and
rochdev
committed
update AWS payload extraction rules (#4859)
1 parent 27ab848 commit f554c5c

File tree

5 files changed

+75
-3
lines changed

5 files changed

+75
-3
lines changed

packages/datadog-plugin-aws-sdk/src/services/eventbridge.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ const BaseAwsSdkPlugin = require('../base')
44

55
class EventBridge extends BaseAwsSdkPlugin {
66
static get id () { return 'eventbridge' }
7+
static get isPayloadReporter () { return true }
78

89
generateTags (params, operation, response) {
910
if (!params || !params.source) return {}

packages/datadog-plugin-aws-sdk/src/services/kinesis.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,7 @@ const { storage } = require('../../../datadog-core')
1010
class Kinesis extends BaseAwsSdkPlugin {
1111
static get id () { return 'kinesis' }
1212
static get peerServicePrecursors () { return ['streamname'] }
13+
static get isPayloadReporter () { return true }
1314

1415
constructor (...args) {
1516
super(...args)

packages/datadog-plugin-aws-sdk/src/services/s3.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ const BaseAwsSdkPlugin = require('../base')
55
class S3 extends BaseAwsSdkPlugin {
66
static get id () { return 's3' }
77
static get peerServicePrecursors () { return ['bucketname'] }
8+
static get isPayloadReporter () { return true }
89

910
generateTags (params, operation, response) {
1011
const tags = {}

packages/datadog-plugin-aws-sdk/src/services/sqs.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@ const { DsmPathwayCodec } = require('../../../dd-trace/src/datastreams/pathway')
99
class Sqs extends BaseAwsSdkPlugin {
1010
static get id () { return 'sqs' }
1111
static get peerServicePrecursors () { return ['queuename'] }
12+
static get isPayloadReporter () { return true }
1213

1314
constructor (...args) {
1415
super(...args)

packages/dd-trace/src/payload-tagging/config/aws.json

Lines changed: 71 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,14 +17,82 @@
1717
"$.Attributes.Token",
1818
"$.Endpoints.*.Token",
1919
"$.PhoneNumber",
20-
"$.PhoneNumbers",
21-
"$.phoneNumbers",
2220
"$.PlatformApplication.*.PlatformCredential",
2321
"$.PlatformApplication.*.PlatformPrincipal",
24-
"$.Subscriptions.*.Endpoint"
22+
"$.Subscriptions.*.Endpoint",
23+
"$.PhoneNumbers[*].PhoneNumber",
24+
"$.phoneNumbers[*]"
2525
],
2626
"expand": [
2727
"$.MessageAttributes.*.StringValue"
2828
]
29+
},
30+
"eventbridge": {
31+
"request": [
32+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.HeaderParameters[*].Value",
33+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.QueryStringParameters[*].Value",
34+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.BodyParameters[*].Value",
35+
"$.AuthParameters.InvocationHttpParameters.HeaderParameters[*].Value",
36+
"$.AuthParameters.InvocationHttpParameters.QueryStringParameters[*].Value",
37+
"$.AuthParameters.InvocationHttpParameters.BodyParameters[*].Value",
38+
"$.Targets[*].RedshiftDataParameters.Sql",
39+
"$.Targets[*].RedshiftDataParameters.Sqls",
40+
"$.Targets[*].AppSyncParameters.GraphQLOperation",
41+
"$.AuthParameters.BasicAuthParameters.Password",
42+
"$.AuthParameters.OAuthParameters.ClientParameters.ClientSecret",
43+
"$.AuthParameters.ApiKeyAuthParameters.ApiKeyValue"
44+
],
45+
"response": [
46+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.HeaderParameters[*].Value",
47+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.QueryStringParameters[*].Value",
48+
"$.AuthParameters.OAuthParameters.OAuthHttpParameters.BodyParameters[*].Value",
49+
"$.AuthParameters.InvocationHttpParameters.HeaderParameters[*].Value",
50+
"$.AuthParameters.InvocationHttpParameters.QueryStringParameters[*].Value",
51+
"$.AuthParameters.InvocationHttpParameters.BodyParameters[*].Value",
52+
"$.Targets[*].RedshiftDataParameters.Sql",
53+
"$.Targets[*].RedshiftDataParameters.Sqls",
54+
"$.Targets[*].AppSyncParameters.GraphQLOperation"
55+
],
56+
"expand": [
57+
]
58+
},
59+
"s3": {
60+
"request": [
61+
"$.SSEKMSKeyId",
62+
"$.SSEKMSEncryptionContext",
63+
"$.ServerSideEncryptionConfiguration.Rules[*].ApplyServerSideEncryptionByDefault.KMSMasterKeyID",
64+
"$.InventoryConfiguration.Destination.S3BucketDestination.Encryption.SSEKMS.KeyId",
65+
"$.SSECustomerKey",
66+
"$.CopySourceSSECustomerKey",
67+
"$.RestoreRequest.OutputLocation.S3.Encryption.KMSKeyId"
68+
69+
],
70+
"response": [
71+
"$.SSEKMSKeyId",
72+
"$.SSEKMSEncryptionContext",
73+
"$.ServerSideEncryptionConfiguration.Rules[*].ApplyServerSideEncryptionByDefault.KMSMasterKeyID",
74+
"$.InventoryConfiguration.Destination.S3BucketDestination.Encryption.SSEKMS.KeyId",
75+
"$.Credentials.SecretAccessKey",
76+
"$.Credentials.SessionToken",
77+
"$.InventoryConfigurationList[*].Destination.S3BucketDestination.Encryption.SSEKMS.KeyId"
78+
],
79+
"expand": [
80+
]
81+
},
82+
"sqs": {
83+
"request": [
84+
],
85+
"response": [
86+
],
87+
"expand": [
88+
]
89+
},
90+
"kinesis": {
91+
"request": [
92+
],
93+
"response": [
94+
],
95+
"expand": [
96+
]
2997
}
3098
}

0 commit comments

Comments
 (0)