Mikhail Pochatkin created HDDS-7814:
---------------------------------------
Summary: Implement remote S3 secret storage
Key: HDDS-7814
URL: https://issues.apache.org/jira/browse/HDDS-7814
Project: Apache Ozone
Issue Type: Improvement
Components: S3
Affects Versions: 1.4.0
Reporter: Mikhail Pochatkin
The S3 secrets are currently stored in the RocksDB of the Ozone Manager nodes.
With this approach, it is not possible to separate the storage of secrets from
the nodes running an Ozone Manager. This is a limitation in some environments, for
various reasons, such as security issues, so it is proposed to add the ability
to store secrets separately from the Ozone Managers. One of the options for
storing secrets would be to use a third-party solution, for example HashiCorp
Vault. Therefore, it is proposed to add an implementation of the storage of
S3 secrets based on a remote HTTP server. It is proposed to configure the type
of storage using a special property in the ozone site. Leave the current
RocksDB as the default implementation to maintain backwards compatibility.