Skip to content

Add audit logging to Zowe Explorer for accessing the SDK #4369

Description

@phaumer

Is your feature request related to a problem? Please describe.

Zowe Explorer SDK was designed with the purpose of sharing resources such as connection profiles with Zowe Explorer extenders to make integrating with Zowe Explorer and layering other products on top of it easy. However, customers are reporting that they would like to keep control which extensions access what information.

Describe the solution you'd like

I propose to add an audit log level that records access to Zowe Explorer data such as profiles and sessions that contain passwords and tokens as well as other data such the registration of new menus. We could lock the access (after a transition period for extenders) behind a required registration call (independent of registering a new profile type) and audit all calls the registered extenders make to Zowe Explorer SDK. Another more advanced feature would be allowing customers to manage white and blacklists of extensions that have access. Part of a Zowe certification process could mean that an extender would be listed as part of the default whitelist.

Describe alternatives you've considered

Additional context

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    New Issues

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions