[jira] [Updated] (AMBARI-25043) Sensitive Ambari configuration values should be encrypted in the Ambari server DB, if enabled

Fri, 21 Dec 2018 05:55:21 -0800 


     [ 
https://issues.apache.org/jira/browse/AMBARI-25043?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

ASF GitHub Bot updated AMBARI-25043:
------------------------------------
    Labels: pull-request-available  (was: )

> Sensitive Ambari configuration values should be encrypted in the Ambari 
> server DB, if enabled
> ---------------------------------------------------------------------------------------------
>
>                 Key: AMBARI-25043
>                 URL: https://issues.apache.org/jira/browse/AMBARI-25043
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.8.0
>            Reporter: Sandor Molnar
>            Assignee: Sandor Molnar
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 2.8.0
>
>
> Sensitive Ambari configuration values should be encrypted in the Ambari 
> server DB, if enabled.
> Ambari configuration value types are defined in 
> {{org.apache.ambari.server.configuration.AmbariServerConfigurationKey}}. 
> Sensitive properties have property type of 
> {{org.apache.ambari.server.configuration.ConfigurationPropertyType#PASSWORD}}.
> Using this information, _if this feature is enabled_, the Ambari server 
> should encrypt sensitive values before storing them in the 
> {{ambari_configuration}} table in the Ambari DB.
> The Ambari server should encrypt sensitive configuration values if the 
> following has been met:
>  * A master key has been setup using the "ambari-server setup-security" CLI 
> (using option #2 - Encrypt passwords stored in ambari.properties file)
>  * The Ambari server configuration property named 
> "{{security.server.encrypt_sensitive_data}}" is set to "true"
> If encrypting sensitive data:
>  * the value should be encrypted using a secure symmetric key encryption 
> algorithm. For example AES - [https://aesencryption.net/].
>  * the encryption key should be the previously set master key, or some 
> reproducible encoding of it.
>  * the encrypted bytes should be converted to a hex string
>  * the value should be stored in the relevant field such that the value is 
> declared as encrypted.
>  ** for example:
> {noformat}
> "password" : "${enc=aes256_base64, value=5248...303d}"{noformat}
>  ** this is needed in the event {{server.security.encrypt_sensitive_data}} is 
> changed to false, but there are still encrypted values in the database.
> Encrypted data needs to be decrypted before being used or returned via the 
> REST API. The data may be re-encrypted depending on use.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to