Access Logs

Understanding who has accessed a secret, when they accessed it, and what medium they accessed it through is necessary to be confident in your security posture.

This feature is in public beta and may change at any time. During beta, only Environments created October 21, 2022 or later will generate access logs. Email [email protected] with any questions.

Overview

Config Access Logs allow workplaces to understand which actors have accessed a config's secrets. Users with the appropriate permissions can see the config version, access mechanism, and whether the config was viewed in its entirety or just a subset via a reference.

For any config, you can view the Access Log by selecting the Access Log tab.

Access

Doppler maintains the first and most recent time an actor accessed a config. Access is defined as any time an actor makes a request to Doppler and receives a config payload in return. If the request does not receive a secrets payload in return, such as when the Kubernetes Operator receives a 'no update' response, an access event is not counted.

Actors

An actor is a person (user) or a programmatic means of viewing a config's secrets. Each actor is distinctly represented and filterable in the Access Log table. Actors include:

  • Users
  • Service Tokens
  • Personal Access Tokens
  • CLI Tokens
  • Terraform Provider
  • Kubernetes Operator
  • API

Actor distinctness

For each access type, we use properties of the access event to further differentiate actors. If any of the properties differ between requests, the request is logged as a separate record for the actor.

  • Dashboard: IP, OS, browser
  • API: IP
  • CLI: IP, CLI version
  • Kubernetes Operator: IP, version
  • Terraform Provider: IP, version

Example: If a user accesses a config from the Dashboard using two different browsers, the two accesses will be recorded as separate access records.
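
The rules above (which requests count as access, which properties separate records, and the first and most recent access times) can be modeled as a small aggregation. This is an added illustration, not Doppler's code or API; the event field names and all sample values are constructed assumptions.

```python
from datetime import datetime

# Properties that distinguish records per access type, as listed on this page.
DISTINCT_PROPS = {
    "dashboard": ("ip", "os", "browser"),
    "api": ("ip",),
    "cli": ("ip", "version"),
    "kubernetes_operator": ("ip", "version"),
    "terraform_provider": ("ip", "version"),
}

def build_access_log(events):
    """Collapse raw request events into access records with first/last times."""
    records = {}
    for ev in events:
        # Only a request that received a config payload counts as access;
        # a 'no update' response does not create or refresh a record.
        if not ev["payload_returned"]:
            continue
        props = tuple(ev.get(p) for p in DISTINCT_PROPS[ev["type"]])
        key = (ev["actor"], ev["type"], props)
        ts = datetime.fromisoformat(ev["time"])
        rec = records.setdefault(key, {"first": ts, "last": ts})
        rec["first"] = min(rec["first"], ts)
        rec["last"] = max(rec["last"], ts)
    return records

# Constructed sample events (hypothetical field names, documentation IPs).
SAMPLE_EVENTS = [
    {"actor": "alice", "type": "dashboard", "ip": "203.0.113.5", "os": "macOS",
     "browser": "Firefox", "time": "2022-11-01T09:00:00", "payload_returned": True},
    {"actor": "alice", "type": "dashboard", "ip": "203.0.113.5", "os": "macOS",
     "browser": "Chrome", "time": "2022-11-01T09:05:00", "payload_returned": True},
    {"actor": "alice", "type": "dashboard", "ip": "203.0.113.5", "os": "macOS",
     "browser": "Firefox", "time": "2022-11-02T10:00:00", "payload_returned": True},
    {"actor": "k8s-operator", "type": "kubernetes_operator", "ip": "198.51.100.7",
     "version": "1.2.0", "time": "2022-11-01T08:00:00", "payload_returned": True},
    {"actor": "k8s-operator", "type": "kubernetes_operator", "ip": "198.51.100.7",
     "version": "1.2.0", "time": "2022-11-01T08:01:00", "payload_returned": False},
]

if __name__ == "__main__":
    for (actor, kind, props), rec in build_access_log(SAMPLE_EVENTS).items():
        print(actor, kind, props, rec["first"].isoformat(), rec["last"].isoformat())
```

In this model the two browsers produce two records for the same user, and the operator's 'no update' request leaves its most recent access time unchanged.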

Access Scope

Access Logs include a Scope column that contains one of two possible values:

  • All: the entire config was viewed
  • Subset: one or more secrets were read as references in a different config

Access History

The amount of access history you can view is limited by the plan you are on. See the pricing page for plan specifics.