[jira] [Updated] (FLINK-28028) Common secure credential protection mechanism in Flink SQL

Mon, 13 Jun 2022 12:53:13 -0700 


     [ 
https://issues.apache.org/jira/browse/FLINK-28028?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Jing Ge updated FLINK-28028:
----------------------------
    Description: 
Currently, the most common way to use credential is to use:

 
CREATE TABLE mytable (
  ...
)
WITH (
  'connector' = 'kafka',
  'properties.bootstrap.servers' = '...:9092',
  'topic' = '...',
  'properties.ssl.keystore.password' = <password>,
  'properties.ssl.keystore.location' = ...,
  'properties.ssl.truststore.password' = <password>,
  'properties.ssl.truststore.location' = ...,
);

The credential could then be read by calling SHOW CREATE TABLE <TableName>. 

We should provide a more strong way to protect the credential. 

  was:
Currently, the most common way to use credential is to use:

{{CREATE TABLE ...}}
CREATE TABLE mytable (
  ...
)
WITH (
  'connector' = 'kafka',
  'properties.bootstrap.servers' = '...:9092',
  'topic' = '...',
  'properties.ssl.keystore.password' = <password>,
  'properties.ssl.keystore.location' = ...,
  'properties.ssl.truststore.password' = <password>,
  'properties.ssl.truststore.location' = ...,
);
The credential could then be read by calling SHOW CREATE TABLE <TableName>. 

We should provide a more strong way to protect the credential. 


> Common secure credential protection mechanism in Flink SQL
> ----------------------------------------------------------
>
>                 Key: FLINK-28028
>                 URL: https://issues.apache.org/jira/browse/FLINK-28028
>             Project: Flink
>          Issue Type: Improvement
>          Components: Table SQL / API, Table SQL / Runtime
>            Reporter: Jing Ge
>            Priority: Major
>
> Currently, the most common way to use credential is to use:
>  
> CREATE TABLE mytable (
>   ...
> )
> WITH (
>   'connector' = 'kafka',
>   'properties.bootstrap.servers' = '...:9092',
>   'topic' = '...',
>   'properties.ssl.keystore.password' = <password>,
>   'properties.ssl.keystore.location' = ...,
>   'properties.ssl.truststore.password' = <password>,
>   'properties.ssl.truststore.location' = ...,
> );
> The credential could then be read by calling SHOW CREATE TABLE <TableName>. 
> We should provide a more strong way to protect the credential. 



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

Reply via email to