Side effect to ingest configuration files of EDS DMS
The GC Team has identified an issue. According to the architectural design of this service, the procedure involves creating configuration files within the Storage Service. Subsequently, new records will be indexed by the Indexer Search and placed into Elastic Search. As a result, these records become discoverable through the Search Service.
https://community.gcp.gnrg-osdu.projects.epam.com/api/search/v2/query
bode:
{
"kind": "osdu:wks:reference-data--SecuritySchemeType:1.0.0"
}
response:
{
"results": [
{
"data": {
"AttributionPublication": null,
"InactiveIndicator": null,
"Description": "An open and industry-standard protocol for authorization",
"ResourceLifecycleStatus": null,
"ResourceCurationStatus": null,
"TechnicalAssuranceID": null,
"Code": "OAuth2",
"Source": "SecuritySchemeType.1.0.0.xlsx",
"Name": "OAuth 2.0",
"AttributionAuthority": "OSDU",
"ResourceHomeRegionID": null,
"VirtualProperties.DefaultName": "OAuth 2.0",
"AttributionRevision": null,
"ResourceSecurityClassification": null,
"ID": "OAuth2",
"ExistenceKind": null
},
"kind": "osdu:wks:reference-data--SecuritySchemeType:1.0.0",
"source": "wks",
"acl": {
"viewers": [
"data.default.viewers@osdu.group"
],
"owners": [
"data.default.owners@osdu.group"
]
},
"type": "reference-data--SecuritySchemeType",
"version": 1697963580525660,
"tags": {
"normalizedKind": "osdu:wks:reference-data--SecuritySchemeType:1"
},
"modifyUser": "osdu-community-sa-airflow@nice-etching-277309.iam.gserviceaccount.com",
"modifyTime": "2023-10-22T08:33:00.665Z",
"createTime": "2022-09-30T10:26:21.248Z",
"authority": "osdu",
"namespace": "osdu:wks",
"legal": {
"legaltags": [
"osdu-demo-legaltag"
],
"otherRelevantDataCountries": [
"US"
],
"status": "compliant"
},
"createUser": "osdu-community-sa-airflow@nice-etching-277309.iam.gserviceaccount.com",
"id": "osdu:reference-data--SecuritySchemeType:OAuth2"
},
{
"data": {
"AttributionPublication": null,
"InactiveIndicator": null,
"Description": "Requests are authenticated using an access key, such as a JSON Web Token, in the request header.",
"ResourceLifecycleStatus": null,
"ResourceCurationStatus": null,
"TechnicalAssuranceID": null,
"Code": "Bearer",
"Source": "SecuritySchemeType.1.0.0.xlsx",
"Name": "Bearer Token",
"AttributionAuthority": "OSDU",
"ResourceHomeRegionID": null,
"VirtualProperties.DefaultName": "Bearer Token",
"AttributionRevision": null,
"ResourceSecurityClassification": null,
"ID": "Bearer",
"ExistenceKind": null
},
"kind": "osdu:wks:reference-data--SecuritySchemeType:1.0.0",
"source": "wks",
"acl": {
"viewers": [
"data.default.viewers@osdu.group"
],
"owners": [
"data.default.owners@osdu.group"
]
},
"type": "reference-data--SecuritySchemeType",
"version": 1697963580525660,
"tags": {
"normalizedKind": "osdu:wks:reference-data--SecuritySchemeType:1"
},
"modifyUser": "osdu-community-sa-airflow@nice-etching-277309.iam.gserviceaccount.com",
"modifyTime": "2023-10-22T08:33:00.665Z",
"createTime": "2022-09-30T10:28:21.843Z",
"authority": "osdu",
"namespace": "osdu:wks",
"legal": {
"legaltags": [
"osdu-demo-legaltag"
],
"otherRelevantDataCountries": [
"US"
],
"status": "compliant"
},
"createUser": "osdu-community-sa-airflow@nice-etching-277309.iam.gserviceaccount.com",
"id": "osdu:reference-data--SecuritySchemeType:Bearer"
}
],
"aggregations": null,
"totalCount": 2
}
It appears there may be a potential security concern within the EDS Service architecture.