-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/71713/
-----------------------------------------------------------
(Updated Nov. 5, 2019, 6:53 a.m.)
Review request for ranger, Ankita Sinha, Gautam Borad, Madhan Neethiraj, Mehul
Parikh, Nikhil P, Pradeep Agrawal, Selvamohan Neethiraj, and Velmurugan
Periasamy.
Bugs: RANGER-2616
https://issues.apache.org/jira/browse/RANGER-2616
Repository: ranger
Description
-------
Currently when an encryption zone (EZ) key is rotated, it only takes effect on
new EDEKs. We should provide a way to re-encrypt EDEKs after the EZ key
rotation, for improved security.
Diffs
-----
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/EagerKeyGeneratorKeyProviderCryptoExtension.java
854c831
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMS.java 04cc984
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSAudit.java
56d25d2
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSExceptionsProvider.java
cdca8e1
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSJSONReader.java
2b85276
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSServerJSONUtils.java
24af81b
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KMSWebApp.java
501ee30
kms/src/main/java/org/apache/hadoop/crypto/key/kms/server/KeyAuthorizationKeyProvider.java
bd35a6b
kms/src/test/java/org/apache/hadoop/crypto/key/kms/server/TestKMSAudit.java
04daeee
Diff: https://reviews.apache.org/r/71713/diff/1/
Testing
-------
Tested the CRUD operations related to keys and re-encrypt EDEKs after the EZ
key rotation works fine.
Thanks,
Fatima Khan
