[
https://issues.apache.org/jira/browse/HADOOP-14951?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16898513#comment-16898513
]
Wei-Chiu Chuang edited comment on HADOOP-14951 at 8/2/19 3:14 AM:
------------------------------------------------------------------
I am planning to commit this patch soon. We are in an attempt to migrate Ranger
KMS users to Hadoop KMS, and this is an important missing feature not in Hadoop
KMS.
was (Author: jojochuang):
I am planning to commit this patch. We are in an attempt to migrate Ranger KMS
users to Hadoop KMS, and this is an important missing feature not in Hadoop KMS.
> KMSACL implementation is not configurable
> -----------------------------------------
>
> Key: HADOOP-14951
> URL: https://issues.apache.org/jira/browse/HADOOP-14951
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms
> Reporter: Zsombor Gegesy
> Assignee: Zsombor Gegesy
> Priority: Major
> Labels: key-management, kms
> Attachments: HADOOP-14951-10.patch, HADOOP-14951-11.patch,
> HADOOP-14951-12.patch, HADOOP-14951-13.patch, HADOOP-14951-9.patch
>
>
> Currently, it is not possible to customize KMS's key management, if KMSACLs
> behaviour is not enough. If an external key management solution is used, that
> would need a higher level API, where it can decide, if the given operation is
> allowed, or not.
> For this to achieve, it would be a solution, to introduce a new interface,
> which could be implemented by KMSACLs - and also other KMS - and a new
> configuration point could be added, where the actual interface implementation
> could be specified.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
