sql: print out statements in logs with redaction markers only around sensitive bits (make SQL keywords etc non-redactable)

[pxlogan]

Is your feature request related to a problem? Please describe.
Currently in the SQL Audit logs AWS secret keys are fully displayed when they are logged. Even though these can be redacted when extracted it is bad behaviour to have these logged ever.

Describe the solution you'd like
No secret keys/similar displayed in logs ever,

Describe alternatives you've considered
None

Additional context

Epic CC-4113

[thtruo]

@pxlogan just a heads up, in 21.1 users can configure their logs such that sensitive information (like secrets) are redacted upfront before it is written to a log file (using redact and redactable see https://www.cockroachlabs.com/docs/v21.1/log-sinks.html). The inability do that upfront was a limitation of our old logging system in 20.2 and prior versions. With 21.1, users can prevent secrets from ever showing up on logs

cc @knz as this relates to our recent conversations about redacting operational vs application sensitive information

[knz]

Yes correct, Paul if they don't like their secrets they can set redact: true in the sink that collects their query execution.

However we do have a problem with this: the AWS keys are part of the SQL syntax of the statement. The entire statement is considered sensitive information. With pre-redaction enabled, the entire statement gets erased from the log. This negates the ability of the user to track their query execution.

The proper approach here is to introduce partial redactability for SQL statements included in logs -- so that the sensitive part of the SQL statement is marked sensitive, but the rest remains marked safe. This is a SQL observability action item.

[knz]

I changed the title of the issue accordingly.

cc @jordanlewis for triage.

[knz]

The technical work required is to create a new SQL AST pretty-printer that emits a RedactableString instead of a regular go string, and uses redaction markers around literals and object names.