hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dian Fu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-11335) KMS ACL in meta data or database
Date Wed, 11 Mar 2015 03:23:39 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-11335?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14356171#comment-14356171

Dian Fu commented on HADOOP-11335:

Thanks a lot for review and comments [~asuresh].

{quote}1. do we need a setMetadata() ? what happens if there is no keyname ? I feel we should
not allow adding metadata for a key that does not exist. In which ocase only the add/remove
MetadataAttribute methods are all that are required.{quote}
Agree, will remove {{setMetadata()}}
{quote}2. Like i mentioned earlier, I feel ACL related stuff should not find its way into
the KeyProvider API. The KeyShell can expose create / delete ACL... but it should translate
to add/remove metadata on the KeyProvider.{quote}
Add/remove metadata is only used for Metadata based ACL, so {{KeyShell}} cannot simply translate
create/delete ACL to add/remove metadata. For example, for {{KMSClientProvider}}, whether
Metadata based ACL or Configuration based ACL is used depends on the configurations of KMS
and {{KeyShell}} don't know this information. Any thoughts?

> KMS ACL in meta data or database
> --------------------------------
>                 Key: HADOOP-11335
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11335
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>    Affects Versions: 2.6.0
>            Reporter: Jerry Chen
>            Assignee: Dian Fu
>              Labels: Security
>         Attachments: HADOOP-11335.001.patch, HADOOP-11335.002.patch, HADOOP-11335.003.patch,
HADOOP-11335.004.patch, HADOOP-11335.005.patch, HADOOP-11335.006.patch, HADOOP-11335.re-design.patch,
KMS ACL in metadata or database.pdf
>   Original Estimate: 504h
>  Remaining Estimate: 504h
> Currently Hadoop KMS has implemented ACL for keys and the per key ACL are stored in the
configuration file kms-acls.xml.
> The management of ACL in configuration file would not be easy in enterprise usage and
it is put difficulties for backup and recovery.
> It is ideal to store the ACL for keys in the key meta data similar to what file system
ACL does.  In this way, the backup and recovery that works on keys should work for ACL for
keys too.
> On the other hand, with the ACL in meta data, the ACL of each key can be easily manipulate
with API or command line tool and take effect instantly.  This is very important for enterprise
level access control management.  This feature can be addressed by separate JIRA. While with
the configuration file, these would be hard to provide.

This message was sent by Atlassian JIRA

View raw message