[jira] [Commented] (HADOOP-14951) KMSACL implementation is not configurable

Fri, 03 May 2019 06:29:43 -0700 


    [ 
https://issues.apache.org/jira/browse/HADOOP-14951?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16832497#comment-16832497
 ] 

Daryn Sharp commented on HADOOP-14951:
--------------------------------------

Nice.  A few comments after a cursory review:
# Why change {{checkAccess}} to take a key name parameter when there's an 
existing {{checkKeyAccess}}?
# Elaborating an earlier comment, I'd prefer {{KMSACLs}} to be the interface or 
an abstract class to minimize changes throughout the code.  In particular, it's 
much easier to review security related patches when the reviewer doesn't have 
to scrutinize all the changes to existing tests to ensure something wasn't 
subtlely altered.
# Minor but please change {{Assert.assertTrue("Expected KeyManagementACLs 
type", KMSWebApp.getACLs().getClass() == TestKeyManagementACLs.class);}} to 
{{Assert.assertEquals}} or {{Assert.assertSame}}.  Failed asserts for 
true/false take longer to debug when the difference isn't shown – and typically 
requires making the requested change.

> KMSACL implementation is not configurable
> -----------------------------------------
>
>                 Key: HADOOP-14951
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14951
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: kms
>            Reporter: Zsombor Gegesy
>            Assignee: Zsombor Gegesy
>            Priority: Major
>              Labels: key-management, kms
>         Attachments: HADOOP-14951-10.patch, HADOOP-14951-11.patch, 
> HADOOP-14951-9.patch
>
>
> Currently, it is not possible to customize KMS's key management, if KMSACLs 
> behaviour is not enough. If an external key management solution is used, that 
> would need a higher level API, where it can decide, if the given operation is 
> allowed, or not.
>  For this to achieve, it would be a solution, to introduce a new interface, 
> which could be implemented by KMSACLs - and also other KMS - and a new 
> configuration point could be added, where the actual interface implementation 
> could be specified.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to