@zuplo/runtime 6.71.23 → 6.71.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1350,6 +1350,150 @@ declare interface AuditLogEntry {
1350
1350
  };
1351
1351
  }
1352
1352
 
1353
+ /**
1354
+ * A CloudEvent 1.0 audit log entry. Most fields are auto-populated by the
1355
+ * runtime; user code only supplies the type/subject/resources/data fields when
1356
+ * calling `AuditLogInboundPolicy.log()`.
1357
+ *
1358
+ * @public
1359
+ */
1360
+ export declare interface AuditLogEvent {
1361
+ specversion: "1.0";
1362
+ id: string;
1363
+ source: string;
1364
+ type: string;
1365
+ time: string;
1366
+ datacontenttype?: "application/json";
1367
+ subject?: string;
1368
+ bucketid: string;
1369
+ actorsub?: string;
1370
+ actortype?: "user" | "service" | "apikey" | "anonymous";
1371
+ actoremail?: string;
1372
+ actorconnection?: string;
1373
+ resources?: AuditLogResource[];
1374
+ requestid?: string;
1375
+ success?: boolean;
1376
+ httpmethod?: string;
1377
+ httpurl?: string;
1378
+ httpstatus?: number;
1379
+ ipaddress?: string;
1380
+ useragent?: string;
1381
+ country?: string;
1382
+ region?: string;
1383
+ city?: string;
1384
+ mcpserver?: string;
1385
+ mcpvirtualserver?: string;
1386
+ mcptool?: string;
1387
+ data?: Record<string, unknown>;
1388
+ extensions?: Record<string, unknown>;
1389
+ }
1390
+
1391
+ /**
1392
+ * Fields a caller may supply when emitting a custom audit event via
1393
+ * `AuditLogInboundPolicy.log()`. Everything else is filled in by the runtime
1394
+ * from the request context.
1395
+ *
1396
+ * @public
1397
+ */
1398
+ export declare interface AuditLogEventInput {
1399
+ type: string;
1400
+ subject?: string;
1401
+ resources?: AuditLogResource[];
1402
+ success?: boolean;
1403
+ data?: Record<string, unknown>;
1404
+ /**
1405
+ * Geolocation of the caller. When omitted, these default to the current
1406
+ * request's geo data (from the request context), so custom events carry the
1407
+ * same location information as the auto-emitted per-request event.
1408
+ */
1409
+ country?: string;
1410
+ region?: string;
1411
+ city?: string;
1412
+ /** Override the auto-derived actor (rare). */
1413
+ actor?: {
1414
+ sub?: string;
1415
+ type?: "user" | "service" | "apikey" | "anonymous";
1416
+ email?: string;
1417
+ connection?: string;
1418
+ };
1419
+ /** MCP-specific helpers. */
1420
+ mcp?: {
1421
+ server?: string;
1422
+ virtualServer?: string;
1423
+ tool?: string;
1424
+ };
1425
+ }
1426
+
1427
+ /**
1428
+ * Capture detailed logs of requests for auditing purposes. The policy emits
1429
+ * one structured CloudEvent per request, and user code can emit additional
1430
+ * events via the static `log()` method.
1431
+ *
1432
+ * @title Audit Logs
1433
+ * @product api-gateway
1434
+ * @public
1435
+ * @enterprise
1436
+ */
1437
+ export declare class AuditLogInboundPolicy extends InboundPolicy<AuditLogInboundPolicyOptions> {
1438
+ #private;
1439
+ static readonly policyType = "audit-logs";
1440
+ /**
1441
+ * Emit an audit event for the current request.
1442
+ *
1443
+ * Fields not provided are filled in from the request context (bucket id,
1444
+ * request id, time, actor, IP, user agent, etc).
1445
+ *
1446
+ * @param context - The current ZuploContext.
1447
+ * @param event - The event details to record.
1448
+ */
1449
+ static log(context: ZuploContext, event: AuditLogEventInput): void;
1450
+ constructor(options: AuditLogInboundPolicyOptions, policyName: string);
1451
+ handler(
1452
+ request: ZuploRequest,
1453
+ context: ZuploContext
1454
+ ): Promise<ZuploRequest | Response>;
1455
+ }
1456
+
1457
+ /**
1458
+ * The options for the Audit Log Inbound policy.
1459
+ * @public
1460
+ */
1461
+ export declare interface AuditLogInboundPolicyOptions {
1462
+ /**
1463
+ * Reverse-DNS prefix used for the auto-emitted request event type. Defaults to 'com.zuplo.api'.
1464
+ */
1465
+ eventTypeBase?: string;
1466
+ /**
1467
+ * Override the bucket id this policy emits events for. Defaults to the bucket id from the runtime environment.
1468
+ */
1469
+ bucketId?: string;
1470
+ /**
1471
+ * Fraction of requests to capture, between 0 (none) and 1 (all). Defaults to 1.
1472
+ */
1473
+ samplingRate?: number;
1474
+ /**
1475
+ * Controls which potentially-sensitive parts of each request are captured in the auto-emitted audit event. Disable fields to satisfy your own data-handling and PII policies. All are enabled by default.
1476
+ */
1477
+ include?: {
1478
+ /**
1479
+ * Include the request's query-string parameters in the logged URL. Disable if query strings may contain sensitive data.
1480
+ */
1481
+ queryParams?: boolean;
1482
+ /**
1483
+ * Include the authenticated user / actor identity (subject, email, connection).
1484
+ */
1485
+ user?: boolean;
1486
+ /**
1487
+ * Include the caller's IP address.
1488
+ */
1489
+ ipAddress?: boolean;
1490
+ /**
1491
+ * Include the caller's geolocation (country, region, city).
1492
+ */
1493
+ geolocation?: boolean;
1494
+ };
1495
+ }
1496
+
1353
1497
  /**
1354
1498
  * Configuration options for audit logging
1355
1499
  * @public
@@ -1394,6 +1538,16 @@ declare interface AuditLogRequestFilter {
1394
1538
  (request: ZuploRequest, context: ZuploContext): Promise<boolean>;
1395
1539
  }
1396
1540
 
1541
+ /**
1542
+ * A resource affected by an audit event.
1543
+ * @public
1544
+ */
1545
+ export declare interface AuditLogResource {
1546
+ type: string;
1547
+ id: string;
1548
+ metadata?: Record<string, unknown>;
1549
+ }
1550
+
1397
1551
  /**
1398
1552
  * Authenticate users using Auth0 issued JWT tokens.
1399
1553
  *
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@zuplo/runtime",
3
3
  "type": "module",
4
- "version": "6.71.23",
4
+ "version": "6.71.25",
5
5
  "repository": "https://github.com/zuplo/zuplo",
6
6
  "author": "Zuplo, Inc.",
7
7
  "exports": {