Hi there, I have a question to the Prefect team on the hybrid model but also want to raise awareness on a potential security/data protection issue for other users. According to the Prefect website, code and data should never leave a customers infrastructure. The "exception" here are of course the log entries which can contain any kind of data. In Prefect 1, this was ok for us as we sanitized our own log entries and the logs generated by Prefect itself did not seem to contain any sensitive data. However, in Prefect 2, the log entries generated by Prefect may contain all arguments passed to a function! So far I only found the example below where it happens when the passed argument names do not match what the task expects. However, are there more of these cases were data can leak into the logs? Is this really the intended behavior?

from prefect import task, flow

@task
def task1(arg1):
    pass

@flow
def main_flow():
    task1(arg1_wrong=1)

main_flow()

Logs on Prefect Cloud:

HI Stefan, Maybe I mis-understand a little bit? This is containing a traceback for a failure, which is just the log, and not the code itself. I guess what would be the expected behavior here? Assuming you didn’t want to see parameters passed into logs, what would be the ideal scenario for troubleshooting a failure in that case?

Hi Christopher, thanks for getting back on this! I agree regarding the code, the issue is with the parameter values which are logged. These parameter values can for example be sensitive personally identifying data which depending on the industry, as it is the case for us, should never make their way to Prefect Cloud. I'm aware that it's a tradeoff of showinge nough so it can be debugged, but I think just showing that the argument names do not match without printing the actual values of the arguments would already be enough in this case to debug the issue.

Thank you for that input - I can raise that feedback and concern with the engineering team