5.7. Auditability

If something bad happens, it is crucial to be able to verifiably reconstruct what happened, and in particular who did what.

Enable Audit Log signing in Airlock IAM (disabled by default):

  • Use different key material for audit logging in each stage (test, acceptance, production): individual audit log key material is generated automatically when an IAM instance is created with the instance manager.
  • Do not copy the audit log configuration from test environments to production environments.
  • Protect the audit log configuration (including the private key used for signing) as much as possible: file ownership and permissions, and restricted access to the IAM host.
  • Regularly store the audit log files in a safe place (e.g. a log server).

See 8.5. Logging configuration for further information.
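To illustrate why the audit log needs its own signing key per stage, here is an added example (not Airlock IAM's code, and not its actual log or signature format) that models signed audit entries with a stage-specific Ed25519 key pair. A record tampered with after signing, or a record signed with the test stage's key, does not verify against the production public key; the record content and the helper names are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"strings"
)

// StageKeys models the per-stage audit log key material: each stage
// (test, acceptance, production) gets its own signing key pair.
type StageKeys struct {
	Stage string
	Priv  ed25519.PrivateKey
	Pub   ed25519.PublicKey
}

// NewStageKeys generates fresh key material for one stage.
func NewStageKeys(stage string) StageKeys {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return StageKeys{Stage: stage, Priv: priv, Pub: pub}
}

// SignEntry produces a log line "<stage>|<record>|<base64 signature>".
// The stage name is part of the signed data, so a record cannot later
// be presented as belonging to a different stage.
func SignEntry(k StageKeys, record string) string {
	msg := k.Stage + "|" + record
	sig := ed25519.Sign(k.Priv, []byte(msg))
	return msg + "|" + base64.StdEncoding.EncodeToString(sig)
}

// VerifyEntry checks a line against the public key of the stage it is
// expected to come from. It returns false for a malformed line, a line
// whose content was altered, a line from another stage, or a line
// signed with another stage's key.
func VerifyEntry(pub ed25519.PublicKey, expectedStage, line string) bool {
	i := strings.LastIndex(line, "|")
	if i < 0 {
		return false
	}
	msg, sigB64 := line[:i], line[i+1:]
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil || !strings.HasPrefix(msg, expectedStage+"|") {
		return false
	}
	return ed25519.Verify(pub, []byte(msg), sig)
}
```

Because only the production public key is used for verification, an entry signed with key material copied from a test environment is rejected, which is the property the per-stage key rule relies on.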

Use personal admin accounts in IAM Adminapp:

  • Do not use a shared "admin" account on production systems.
  • Create a personal Adminapp account for each administrator and help desk user, so that their name is recorded in the audit log.

Enable web server access logs:

See 8.5. Logging configuration to see how to enable access logs in IAM.