----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/71176/#review217977 -----------------------------------------------------------
Ship it! Ship It! - Mehul Parikh On Aug. 12, 2019, 9:12 a.m., Dhaval Shah wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/71176/ > ----------------------------------------------------------- > > (Updated Aug. 12, 2019, 9:12 a.m.) > > > Review request for ranger, Ankita Sinha, Don Bosco Durai, bhavik patel, > Gautam Borad, Abhay Kulkarni, Madhan Neethiraj, Mehul Parikh, Nikhil P, > Ramesh Mani, and Velmurugan Periasamy. > > > Bugs: RANGER-2497 > https://issues.apache.org/jira/browse/RANGER-2497 > > > Repository: ranger > > > Description > ------- > > User story: As a security admin, I want to escrow and manage master > encryption keys for securing my Hadoop cluster EZs in Ranger KMS service with > Azure Key Vault service. > > For Microsoft Azure Key Vault overview refer to: > https://docs.microsoft.com/en-us/azure/key-vault/ > For REST API guide refer to: > https://docs.microsoft.com/en-us/rest/api/keyvault/ > > Acceptance Criteria: > > 1.) Ranger KMS has ability to configure AKV service to be used for master key > offload > 2.) Ranger KMS provides ability to provide key management functions (create > keys, manage keys, retrieve keys, rollover) using AKV > > > Diffs > ----- > > LICENSE.txt a424ebe > NOTICE.txt a82c1f0 > kms/config/kms-webapp/dbks-site.xml 05a1a13 > kms/pom.xml df46496 > kms/scripts/DBMKTOAZUREKEYVAULT.sh PRE-CREATION > kms/scripts/install.properties 798dd8c > kms/scripts/setup.sh c430ef9 > > kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java > PRE-CREATION > kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java > PRE-CREATION > kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 5e394de > kms/src/main/java/org/apache/hadoop/crypto/key/Ranger2JKSUtil.java f542364 > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 86f1a29 > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java > b280cbf > > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java > PRE-CREATION > pom.xml 7cf134c > src/main/assembly/kms.xml 468bede > > > Diff: https://reviews.apache.org/r/71176/diff/3/ > > > Testing > ------- > > 1.) Fresh installation of Ranger KMS with Azure Key Vault. > 2.) Export / Import of zone keys from / to keystore file. > 3.) Migration of Ranger KMS DB to Azure Key Vault. > > > Thanks, > > Dhaval Shah > >
