How to audit secrets modifications

Hi all! I’m evaluating airflow as an option for a new system we’re building, and one of the requirements is we need to be able to trace/audit any changes to the stored secrets (connections and variables). I see airflow has an audit log, which is great, but it doesn’t seem to log modifications to secrets…which is surprising to me as I would think that’s the most important thing to be able to audit :joy:. Can anyone shed some light on how I could accomplish this? If I need to provide a custom secrets backend, does it have visibility into who the user is who is making the change? Thanks!