nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Franco (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (NIFI-4256) Add support for all AWS S3 Encryption Options
Date Tue, 08 Aug 2017 04:55:00 GMT

     [ https://issues.apache.org/jira/browse/NIFI-4256?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Franco updated NIFI-4256:
-------------------------
    Description: 
NiFi currently only supports SSE-S3 encryption (AES256).

Support needs to be added for:
* SSE-S3
* SSE-KMS
* SSE-C
* CSE-KMS CMK
* CSE-Master Key

With all of the appropriate configuration options and such that SSE is available only for
PutS3Object whilst CSE is available also for FetchS3Object.

Given that this will add another 20 or so UI properties the intention is to split it into
a Client Side Encryption Service and Server Side Encryption Service. This will allow users
to reuse "encryption" across different workflows.

Existing flows using the Server Side Encryption option will still work as is but will be overridden
if a service is added.

  was:
NiFi currently only supports SSE-S3 encryption (AES256).

Support needs to be added for:
* SSE-S3
* SSE-KMS
* SSE-C
* CSE-KMS CMK
* CSE-Master Key

With all of the appropriate configuration options and such that SSE is available only for
PutS3Object whilst CSE is available also for FetchS3Object.

Given that this will add another 20 or so UI properties the intention is to split it into
a Client Side Encryption Service and Server Side Encryption Service. This will allow users
to reuse "encryption" across different workflows.

Note: We will not support the existing server-side-encryption option so this will be a breaking
change for existing users. 


> Add support for all AWS S3 Encryption Options
> ---------------------------------------------
>
>                 Key: NIFI-4256
>                 URL: https://issues.apache.org/jira/browse/NIFI-4256
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 1.2.0
>            Reporter: Franco
>              Labels: aws, aws-s3, security
>             Fix For: 1.4.0
>
>
> NiFi currently only supports SSE-S3 encryption (AES256).
> Support needs to be added for:
> * SSE-S3
> * SSE-KMS
> * SSE-C
> * CSE-KMS CMK
> * CSE-Master Key
> With all of the appropriate configuration options and such that SSE is available only
for PutS3Object whilst CSE is available also for FetchS3Object.
> Given that this will add another 20 or so UI properties the intention is to split it
into a Client Side Encryption Service and Server Side Encryption Service. This will allow
users to reuse "encryption" across different workflows.
> Existing flows using the Server Side Encryption option will still work as is but will
be overridden if a service is added.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message