[jira] [Updated] (HDDS-4006) S3 MPU not supported on encrypted buckets

[Bharat Viswanadham (Jira)]

     [ 
https://issues.apache.org/jira/browse/HDDS-4006?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Bharat Viswanadham updated HDDS-4006:
-------------------------------------
    Description: 
With HDDS-3612 buckets created via ozone are also accessible via S3.
This has caused a problem when the bucket is encrypted, the keys are not 
encrypted on disk.

*2 Issues:*
1. On OM, for each part a new encryption info is generated. During complete 
Multipart upload, the encryption info is not stored in KeyInfo.
2. On the client, for part upload, the encryption info is silently ignored.

If we don't throw an error, on an encrypted bucket, key data is not encrypted 
on disks.
For 0.6.0 release, we can mark this as not supported, and this will be fixed in 
next release by HDDS-4005




  was:
With HDDS-3612 buckets created via ozone are also accessible via S3.
This has caused a problem when the bucket is encrypted, the keys are not 
encrypted on disk.

*2 Issues:*
1. On OM, for each part a new encryption info is generated. During complete 
Multipart upload, the encryption info is not stored in KeyInfo.
2. On the client, for part upload, the encryption info is silently ignored.

For 0.6.0 release, we can mark this as not supported, and this will be fixed in 
next release by HDDS-4005





> S3 MPU not supported on encrypted buckets
> -----------------------------------------
>
>                 Key: HDDS-4006
>                 URL: https://issues.apache.org/jira/browse/HDDS-4006
>             Project: Hadoop Distributed Data Store
>          Issue Type: Bug
>            Reporter: Bharat Viswanadham
>            Priority: Major
>
> With HDDS-3612 buckets created via ozone are also accessible via S3.
> This has caused a problem when the bucket is encrypted, the keys are not 
> encrypted on disk.
> *2 Issues:*
> 1. On OM, for each part a new encryption info is generated. During complete 
> Multipart upload, the encryption info is not stored in KeyInfo.
> 2. On the client, for part upload, the encryption info is silently ignored.
> If we don't throw an error, on an encrypted bucket, key data is not encrypted 
> on disks.
> For 0.6.0 release, we can mark this as not supported, and this will be fixed 
> in next release by HDDS-4005



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: ozone-issues-h...@hadoop.apache.org