[ https://issues.apache.org/jira/browse/HADOOP-13827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15688392#comment-15688392 ]
Andrew Wang commented on HADOOP-13827: -------------------------------------- Thanks for splitting this out Xiao. Some review comments: * It's be more future proof if the reencryption API also took a keyName. This way we could rotate to a new key entirely, or rename between encryption zones. * Regarding authorization, reencrypt right now reuses the DECRYPT_EEK ACL. We separated out the GENERATE_EEK and DECRYPT_EEK so that the namenode doesn't need DECRYPT_EEK. Also, the other ops all have per-op ACLs, so this should probably be per-op as well. * Related, I'd like to see some authorization-related tests. * KMSAudit whitelists DECRYPT_EEK and GENERATE_EEK, should probably add REENCRYPT_EEK as well. Audit test update would be good too. * A doc update to explain this new op and what additionally needs to be configured would be good. * We need KMS-level tests as well, looks like the added tests only cover the KPCE implementation. > Add reencryptEDEK interface for KMS > ----------------------------------- > > Key: HADOOP-13827 > URL: https://issues.apache.org/jira/browse/HADOOP-13827 > Project: Hadoop Common > Issue Type: Improvement > Components: kms > Reporter: Xiao Chen > Assignee: Xiao Chen > Attachments: HDFS-11159.01.patch > > > This is the KMS part. Please refer to HDFS-10899 for the design doc. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org