[jira] [Updated] (HDDS-8164) SCM: Authorize secret key APIs

Duong (Jira) Tue, 14 Mar 2023 23:20:04 -0700


     [ 
https://issues.apache.org/jira/browse/HDDS-8164?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Duong updated HDDS-8164:
------------------------
    Description: 
HDDS-7830 implements secret key APIs in {*}SCMSecurityProtocol{*}, which for 
now doesn't enforce authorization (any authenticated principal can call the 
API).

For secret key APIs, we want to limit the access to Ozone principals only, aka, 
Datanode and OM. The APIs should be moved to a separate protocol to enforce 
authorization separately. 

> SCM: Authorize secret key APIs
> ------------------------------
>
>                 Key: HDDS-8164
>                 URL: https://issues.apache.org/jira/browse/HDDS-8164
>             Project: Apache Ozone
>          Issue Type: Sub-task
>            Reporter: Duong
>            Priority: Major
>
> HDDS-7830 implements secret key APIs in {*}SCMSecurityProtocol{*}, which for 
> now doesn't enforce authorization (any authenticated principal can call the 
> API).
> For secret key APIs, we want to limit the access to Ozone principals only, 
> aka, Datanode and OM. The APIs should be moved to a separate protocol to 
> enforce authorization separately. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (HDDS-8164) SCM: Authorize secret key APIs

Reply via email to