ambari-issues mailing list archives

From "Robert Levas (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-22571) Handle passwords/sensitive data in Ambari configuration properties
Date Fri, 01 Dec 2017 13:06:00 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-22571?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16274356#comment-16274356 ]

Robert Levas commented on AMBARI-22571:
---------------------------------------

[~smolnar]...

Password properties in the {{ambari.properties}} file are moved out into a different file.
If the Ambari credential store is enabled, sensitive data is stored there, else I believe
that it is moved into its own file.

The properties in this case are similar in that they are Ambari-level properties.  I suspect
many properties will be moved from the {{ambari.properties}} file into the Ambari database,
like the LDAP configuration properties.  Ideally, the Ambari credential store is set up and
the sensitive values can be stored there. However, for now, this is optional.  I want to push
to make this mandatory as part of the Ambari server setup, but I am not sure if I will get
traction on that.  Maybe others in the community will chime in. 

For now, we need to hide the sensitive data from results in REST API requests.  For example
{{GET /api/v1/services/AMBARI/components/AMBARI_SERVER/configurations/ldap-configuration}}.
Or maybe even hide the sensitive data from non-Ambari Administrator users. 



> Handle passwords/sensitive data in Ambari configuration properties
> ------------------------------------------------------------------
>
>                 Key: AMBARI-22571
>                 URL: https://issues.apache.org/jira/browse/AMBARI-22571
>             Project: Ambari
>          Issue Type: Task
>          Components: ambari-server
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Minor
>              Labels: config, security
>             Fix For: trunk
>
>
> Passwords and other sensitive data stored as values to properties in Ambari configurations need to be masked or not stored in cleartext.
> For example, {{ldap-configuration/ambari.ldap.connectivity.trust_store.password}} and {{ldap-configuration/ambari.ldap.connectivity.bind_password}}.
> If the Ambari credential store is enabled (which might be by default as of Ambari 3.0.0), the sensitive data can be stored there like we do when sensitive data is to be stored in the ambari.properties file - see {{org.apache.ambari.server.security.encryption.CredentialStoreService}}.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
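
The response-side hiding proposed in the comment above, as an added example that is not part of the original message and is not Ambari code: sensitive values are masked for administrators and omitted for other users. It goes one step beyond the comment by also handling the update path, where a client that echoes the mask back must not overwrite the stored secret. The `MASK` placeholder, the function names, the suffix rule and the dictionary shape are assumptions; only the two password property names come from the issue.

```python
# Added illustration; names and data shapes are assumptions, not Ambari code.
MASK = "********"  # hypothetical placeholder returned instead of the secret

# Property names taken from the issue description.
SENSITIVE_KEYS = {
    "ambari.ldap.connectivity.bind_password",
    "ambari.ldap.connectivity.trust_store.password",
}


def is_sensitive(key):
    """True for the listed secrets and (assumed rule) any key ending in 'password'."""
    return key in SENSITIVE_KEYS or key.lower().endswith("password")


def redact_for_response(properties, is_admin):
    """Return a copy of a configuration category that is safe to serialize.

    Administrators get MASK for a secret that is set ("" if unset), so they
    can tell whether it is configured; other users do not get the key at all.
    """
    out = {}
    for key, value in properties.items():
        if not is_sensitive(key):
            out[key] = value
        elif is_admin:
            out[key] = MASK if value else ""
    return out


def merge_update(stored, submitted):
    """Apply a client update without letting an echoed MASK replace a secret."""
    merged = dict(stored)
    for key, value in submitted.items():
        if is_sensitive(key) and value == MASK:
            continue  # client sent the placeholder back: keep the stored value
        merged[key] = value
    return merged


# Constructed sample data standing in for the ldap-configuration category.
STORED = {
    "example.non_sensitive.host": "ldap.example.com",  # constructed key
    "ambari.ldap.connectivity.bind_password": "constructed-secret",
    "ambari.ldap.connectivity.trust_store.password": "",
}
```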
