capistrant opened a new issue #9174: Druid Basic Security - Allow dynamic update of escalated client credentials URL: https://github.com/apache/druid/issues/9174 ### Description Updating the escalated client credential information when using basic-security requires a rolling restart of the cluster. This is not ideal for large clusters that take a long time to roll through for an update. There should be functionality to dynamically update the credentials used by the escalated client so changes can be made without rolling restarts. An example for when this would be helpful is if a password is compromised or when a corporation requires quarterly password rotations. Since we want to limit this to zero downtime, we likely need to implement a way to change to a new user/password combo for the escalated client during runtime. If we were to try and retain the user and update the password, we would run into the case where we'd need to positively authenticate for multiple user/password pairs because distributing the credentials to all nodes at once seems like a stretch goal. The idea would be to roll out the new user/password pair to the cluster and once it is verified that the old pair is no longer in use, the admin can do what is needed to finish the process (update password, delete account, etc.) ### Motivation Rolling restarts of large clusters are time consuming and should be limited to major config changes/upgrades/etc. Adding to that, when security is in question, time is of the essence to rotate away from a compromised credential. Taking the cluster offline temporarily for a one time credential reset is an option, but many organizations adhere to uptime standards that make this mostly undesirable except for the most critical of cases.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
