Skip to content

Feature request: redact sensitive data from logs #1032

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
damianesteban opened this issue Jul 30, 2022 · 3 comments
Closed

Feature request: redact sensitive data from logs #1032

damianesteban opened this issue Jul 30, 2022 · 3 comments
Assignees
@dreamorosi
Labels
duplicate This issue is a duplicate of an existing one feature-request This item refers to a feature request for an existing or new utility logger This item relates to the Logger Utility rejected This is something we will not be working on. At least, not in the measurable future

Comments

@damianesteban
Copy link

damianesteban commented Jul 30, 2022
edited
Loading

Description of the feature request

Problem statement

I want to redact potential PII and/or PHI in my serverless logs.
Summary of the feature

This may not be a "feature" necessarily, it might be possible with the current middleware. But the idea is I want to pass in an array of keys that would display as redacted in the logs.

Code examples

Example log:

  const user = {
    firstName: 'Bob',
    lastName: 'Smith',
  }
  logger.info('new user registered: ' + user);

Logs in Cloudwatch:

'new user registered: { firstName: [REDACTED], lastName: [REDACTED] }`

Benefits for you and the wider AWS community

Being able to redact sensitive information from logs is essential.

Describe alternatives you've considered

Another logging library. But I like this one.

Additional context

Related issues, RFCs
@damianesteban damianesteban added the triage This item has not been triaged by a maintainer, please wait label Jul 30, 2022
@damianesteban damianesteban changed the title Feature (module name): short issue description Feature (logger): redact sensitive data from logs Jul 30, 2022
@dreamorosi dreamorosi added logger This item relates to the Logger Utility enhancement labels Jul 30, 2022
@dreamorosi
Copy link
Contributor

Hi @damianesteban thank you for taking the time to open this feature request.

I think it's an interesting idea and we have had a very similar feature request that is being discussed here #728

May I suggest that you take a look at that issue and then consider one of these two options:

  • If your thoughts align with the existing issue (RFC: Auto Mask Secrets #728): add your +1 as well as any additional thoughts, then closing this issue in favour the original one
  • If your the feature you had in mind differs significantly from (RFC: Auto Mask Secrets #728): share additional details around how the API you have in mind would look like and how would it differ from the one described in RFC: Auto Mask Secrets #728

Thank you again for your interest in Powertools for TypeScript!

@damianesteban
Copy link
Author

Thank you, I will review. I'd like us to adopt this library as our default logger/tracer for AWS lambda.

@github-actions
Copy link
Contributor

⚠️ COMMENT VISIBILITY WARNING ⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

@dreamorosi dreamorosi removed the triage This item has not been triaged by a maintainer, please wait label Oct 19, 2022
@dreamorosi dreamorosi changed the title Feature (logger): redact sensitive data from logs Feature request: redact sensitive data from logs Nov 14, 2022
@dreamorosi dreamorosi added duplicate This issue is a duplicate of an existing one rejected This is something we will not be working on. At least, not in the measurable future feature-request This item refers to a feature request for an existing or new utility labels Nov 14, 2022
@dreamorosi dreamorosi self-assigned this Nov 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dreamorosi dreamorosi

Labels
duplicate This issue is a duplicate of an existing one feature-request This item refers to a feature request for an existing or new utility logger This item relates to the Logger Utility rejected This is something we will not be working on. At least, not in the measurable future
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@damianesteban @dreamorosi