feat: limit audit trail (#6744)

* feat: enable limiting audit trail * support AddExclusiveQuery * fix invalid condition * register event mappers * fix NullDuration validity * test query side for limits * lint * acceptance test audit trail limit * fix acceptance test * translate limits not found * update tests * fix linting * add audit log retention to default instance * fix tests * update docs * remove todo * improve test name
2025-08-11 18:07:31 +00:00 · 2023-10-25 13:42:00 +02:00
parent 1c839e308b
commit 385a55bd21
52 changed files with 1778 additions and 172 deletions
--- a/proto/zitadel/system.proto
+++ b/proto/zitadel/system.proto
@@ -365,6 +365,10 @@ service SystemService {
  // Returns an error if the quota already exists for the specified unit
  // Deprecated: use SetQuota instead
  rpc AddQuota(AddQuotaRequest) returns (AddQuotaResponse) {
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      tags: ["Usage Control", "Quotas"];
+    };
+
    option (google.api.http) = {
      post: "/instances/{instance_id}/quotas"
      body: "*"
@@ -378,6 +382,10 @@ service SystemService {
  // Sets quota configuration properties
  // Creates a new quota if it doesn't exist for the specified unit
  rpc SetQuota(SetQuotaRequest) returns (SetQuotaResponse) {
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      tags: ["Usage Control", "Quotas"];
+    };
+
    option (google.api.http) = {
      put: "/instances/{instance_id}/quotas"
      body: "*"
@@ -390,6 +398,10 @@ service SystemService {

  // Removes a quota
  rpc RemoveQuota(RemoveQuotaRequest) returns (RemoveQuotaResponse) {
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      tags: ["Usage Control", "Quotas"];
+    };
+
    option (google.api.http) = {
      delete: "/instances/{instance_id}/quotas/{unit}"
    };
@@ -410,6 +422,71 @@ service SystemService {
      permission: "authenticated";
    };
  }
+
+  // Sets instance level limits
+  rpc SetLimits(SetLimitsRequest) returns (SetLimitsResponse) {
+    option (google.api.http) = {
+      put: "/instances/{instance_id}/limits"
+      body: "*"
+    };
+
+    option (zitadel.v1.auth_option) = {
+      permission: "authenticated";
+    };
+
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      tags: ["Usage Control", "Limits"];
+      responses: {
+        key: "200";
+        value: {
+          description: "Instance limits set";
+        };
+      };
+      responses: {
+        key: "400";
+        value: {
+          description: "At least one limit must be specified";
+          schema: {
+            json_schema: {
+              ref: "#/definitions/rpcStatus";
+            };
+          };
+        };
+      };
+    };
+  }
+
+  // Resets instance level limits
+  rpc ResetLimits(ResetLimitsRequest) returns (ResetLimitsResponse) {
+    option (google.api.http) = {
+      delete: "/instances/{instance_id}/limits"
+    };
+
+    option (zitadel.v1.auth_option) = {
+      permission: "authenticated";
+    };
+
+    option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
+      tags: ["Usage Control", "Limits"];
+      responses: {
+        key: "200";
+        value: {
+          description: "Limits are reset to the system defaults";
+        };
+      };
+      responses: {
+        key: "404";
+        value: {
+          description: "Limits are already set to the system defaults";
+          schema: {
+            json_schema: {
+              ref: "#/definitions/rpcStatus";
+            };
+          };
+        };
+      };
+    };
+  }
 }


@@ -683,6 +760,27 @@ message RemoveQuotaResponse {
  zitadel.v1.ObjectDetails details = 1;
 }

+message SetLimitsRequest {
+  string instance_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
+  google.protobuf.Duration audit_log_retention = 2 [
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      description: "AuditLogRetention limits the number of events that can be queried via the events API by their age. A value of '0s' means that all events are available. If this value is set, it overwrites the system default.";
+    }
+  ];
+}
+
+message SetLimitsResponse {
+  zitadel.v1.ObjectDetails details = 1;
+}
+
+message ResetLimitsRequest {
+  string instance_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
+}
+
+message ResetLimitsResponse {
+  zitadel.v1.ObjectDetails details = 1;
+}
+
 message ExistsDomainRequest {
  string domain = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
 }
@@ -906,4 +1004,4 @@ message SetInstanceFeatureRequest {

 message SetInstanceFeatureResponse {
  zitadel.v1.ObjectDetails details = 1;
-}
+}