You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2021/02/19 05:03:00 UTC
[jira] [Work logged] (HADOOP-17536) Suport for customer provided
encrption key
[ https://issues.apache.org/jira/browse/HADOOP-17536?focusedWorklogId=554577&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-554577 ]
ASF GitHub Bot logged work on HADOOP-17536:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 19/Feb/21 05:02
Start Date: 19/Feb/21 05:02
Worklog Time Spent: 10m
Work Description: bilaharith opened a new pull request #2707:
URL: https://github.com/apache/hadoop/pull/2707
The data for a particular customer needs to be encrypted on account level. At server side the APIs will start accepting the encryption key as part of request headers. The data will be encrypted/decrypted with the given key at the server.
Since the ABFS FileSystem APIs are implementations for Hadoop FileSystem APIs there is no direct way with which customer can pass the key to ABFS driver. In this case driver should have the following capabilities so that it can accept and pass the encryption key as one of the request headers.
There should be a way to configure the encryption key for different accounts.
If there is a key specified for a particular account, the same needs to be sent along with the request headers.
Config changes
They key for an account can be specified in the core-site as follows.
fs.azure.account.client-provided-encryption-key.{account name}.dfs.core.windows.net
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Issue Time Tracking
-------------------
Worklog Id: (was: 554577)
Remaining Estimate: 0h
Time Spent: 10m
> Suport for customer provided encrption key
> ------------------------------------------
>
> Key: HADOOP-17536
> URL: https://issues.apache.org/jira/browse/HADOOP-17536
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/azure
> Affects Versions: 3.4.0
> Reporter: Bilahari T H
> Assignee: Bilahari T H
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The data for a particular customer needs to be encrypted on account level. At server side the APIs will start accepting the encryption key as part of request headers. The data will be encrypted/decrypted with the given key at the server.
> Since the ABFS FileSystem APIs are implementations for Hadoop FileSystem APIs there is no direct way with which customer can pass the key to ABFS driver. In this case driver should have the following capabilities so that it can accept and pass the encryption key as one of the request headers.
> # There should be a way to configure the encryption key for different accounts.
> # If there is a key specified for a particular account, the same needs to be sent along with the request headers.
> *Config changes*
> They key for an account can be specified in the core-site as follows.
> fs.azure.account.client-provided-encryption-key.{account name}.dfs.core.windows.net
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org