[
https://issues.apache.org/jira/browse/HDFS-6386?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Charles Lamb updated HDFS-6386:
-------------------------------
Attachment: HDFS-6386.1.patch
Here are some diffs that provide the basic client/namenode protocol and API for
the various Encryption Zone functions.
There are four methods on the API:
void createEncryptionZone(String path, FsPermission mask, String keyId) throws
IOException;
Creates an encryption zone on an empty directory, optionally using keyId. If
the directory does not exist or is not empty, an exception is thrown.
void deleteEncryptionZone(String path) throws IOException;
Removes an encryption zone from an empty directory. If the directory does not
exist or is not empty, an exception is thrown.
void listEncryptionZones() throws IOException;
List the encryption zones (paths only) that the calling user has access to.
void showEncryptionZones() throws IOException;
List the encryption zones (paths, keyid, keyversion) that the admin has access
to. Only accessible by the admin.
All of these methods are HdfsAdmin only since they are HDFS only functions.
> HDFS Encryption Zones
> ---------------------
>
> Key: HDFS-6386
> URL: https://issues.apache.org/jira/browse/HDFS-6386
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Charles Lamb
> Attachments: HDFS-6386.1.patch
>
>
> Define the required security xAttributes for directories and files within an
> encryption zone and how they propagate to children. Implement the logic to
> create/delete encryption zones.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
