tasks-config endpoint exposes externalized secret values

Yash Mayya (Jira) Fri, 18 Aug 2023 00:08:30 -0700

Yash Mayya created KAFKA-15377:
----------------------------------

             Summary: GET /connectors/{connector}/tasks-config endpoint exposes 
externalized secret values
                 Key: KAFKA-15377
                 URL: https://issues.apache.org/jira/browse/KAFKA-15377
             Project: Kafka
          Issue Type: Bug
          Components: KafkaConnect
            Reporter: Yash Mayya
            Assignee: Yash Mayya



The \{{GET /connectors/{connector}/tasks-config}} endpoint added in 
[https://cwiki.apache.org/confluence/display/KAFKA/KIP-661%3A+Expose+task+configurations+in+Connect+REST+API]
 exposes externalized secret values in task configurations (see 
[https://cwiki.apache.org/confluence/display/KAFKA/KIP-297%3A+Externalizing+Secrets+for+Connect+Configurations)].
 A similar bug was fixed in https://issues.apache.org/jira/browse/KAFKA-5117 / 
[https://github.com/apache/kafka/pull/6129] for the \{{GET 
/connectors/{connector}/tasks}} endpoint. The config provider placeholder 
should be used instead of the resolved config value.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (KAFKA-15377) GET /connectors/{connector}/tasks-config endpoint exposes externalized secret values

Reply via email to