suneet-s commented on a change in pull request #9432: Web console: expose props
for S3
URL: https://github.com/apache/druid/pull/9432#discussion_r394029259
##########
File path: web-console/src/views/load-data-view/load-data-view.tsx
##########
@@ -1076,11 +1076,21 @@ export class LoadDataView extends
React.PureComponent<LoadDataViewProps, LoadDat
<LearnMore href={getIngestionDocLink(spec)} />
</Callout>
{ingestionComboType ? (
- <AutoForm
- fields={getIoConfigFormFields(ingestionComboType)}
- model={ioConfig}
- onChange={c => this.updateSpecPreview(deepSet(spec,
'spec.ioConfig', c))}
- />
+ <>
+ <AutoForm
+ fields={getIoConfigFormFields(ingestionComboType)}
+ model={ioConfig}
+ onChange={c => this.updateSpecPreview(deepSet(spec,
'spec.ioConfig', c))}
+ />
+ {deepGet(spec,
'spec.ioConfig.inputSource.properties.secretAccessKey.password') && (
+ <FormGroup>
+ <Callout intent={Intent.WARNING}>
+ Inlining the access key into the ingestion spec is
dangerous as it might appear
+ in server log files and can be seen by anyone accessing
this console.
Review comment:
Would a good compromise be to say that - "When running in production, you
should pick a more secure `secret key type` from the drop down above"
The little `i` thing next to the option can point to the relevant docs which
we will keep up to date as we add/ remove password providers.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
