[
https://issues.apache.org/jira/browse/HDDS-7814?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17679383#comment-17679383
]
Ritesh H Shukla commented on HDDS-7814:
---------------------------------------
cc [~sammichen]
> Implement remote S3 secret storage
> ----------------------------------
>
> Key: HDDS-7814
> URL: https://issues.apache.org/jira/browse/HDDS-7814
> Project: Apache Ozone
> Issue Type: Improvement
> Components: S3
> Affects Versions: 1.4.0
> Reporter: Mikhail Pochatkin
> Priority: Major
>
> The S3 secrets are currently stored in the RocksDB of the Ozone manager
> nodes. With this approach, it is not possible to separate the storage of
> secrets from nodes with an ozone manager. This is a limitation in some
> environments, for various reasons, such as security issues, so it is proposed
> to add the ability to store secrets separately from the ozone managers. One
> of the options for storing secrets would be to use a third-party solution, an
> example of HashiСorp Vault . Therefore, it is proposed to add the
> implementation of the storage of S3 secrets based on a remote http server. It
> is proposed to configure the type of storage using a special property in the
> ozone site. Leave the current RocksDB as the default implementation to
> maintain backwards compatibility.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
