[
https://issues.apache.org/jira/browse/BEAM-6292?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16798183#comment-16798183
]
Mathieu Blanchard commented on BEAM-6292:
-----------------------------------------
[~iemejia] Thanks for your response. Indeed, I answered a little too fast. The
ValueProvider will fix my use case, therefore you can revert my previous PR
(withPasswordDecrypter/withEncryptedPassword). Furthermore, it will be great if
the write/delete operations could support this solution.
I will be happy to participate to another Beam pull request. When I will have
time, I will take a look to support a GoogleCloudKmsValueProvider connector
> PasswordDecrypter: Delay decryption / Avoid serialization
> ---------------------------------------------------------
>
> Key: BEAM-6292
> URL: https://issues.apache.org/jira/browse/BEAM-6292
> Project: Beam
> Issue Type: Improvement
> Components: io-java-cassandra
> Reporter: Mathieu Blanchard
> Assignee: Mathieu Blanchard
> Priority: Minor
> Labels: triaged
> Fix For: 2.12.0
>
> Time Spent: 10h 40m
> Remaining Estimate: 0h
>
> Currently, the password is decrypted before the serialization of the pipeline
> and this causes the raw version to be visible to everyone on the staging
> location.
> To avoid this, we delayed the decryption of the password when connecting to
> the cluster, which ensures that the raw password is never serialized in the
> pipeline.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
