Posted to issues@ambari.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/12/21 13:55:00 UTC
[jira] [Updated] (AMBARI-25043) Sensitive Ambari configuration values should be encrypted in the Ambari server DB, if enabled
[ https://issues.apache.org/jira/browse/AMBARI-25043?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
ASF GitHub Bot updated AMBARI-25043:
------------------------------------
Labels: pull-request-available (was: )
> Sensitive Ambari configuration values should be encrypted in the Ambari server DB, if enabled
> ---------------------------------------------------------------------------------------------
>
> Key: AMBARI-25043
> URL: https://issues.apache.org/jira/browse/AMBARI-25043
> Project: Ambari
> Issue Type: Bug
> Components: ambari-server
> Affects Versions: 2.8.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Labels: pull-request-available
> Fix For: 2.8.0
>
>
> Sensitive Ambari configuration values should be encrypted in the Ambari server DB, if enabled.
> Ambari configuration value types are defined in {{org.apache.ambari.server.configuration.AmbariServerConfigurationKey}}. Sensitive properties have property type of {{org.apache.ambari.server.configuration.ConfigurationPropertyType#PASSWORD}}.
> Using this information, _if this feature is enabled_, the Ambari server should encrypt sensitive values before storing them in the {{ambari_configuration}} table in the Ambari DB.
> The Ambari server should encrypt sensitive configuration values if the following conditions have been met:
> * A master key has been set up using the "ambari-server setup-security" CLI (using option #2 - Encrypt passwords stored in ambari.properties file)
> * The Ambari server configuration property named "{{security.server.encrypt_sensitive_data}}" is set to "true"
> If encrypting sensitive data:
> * the value should be encrypted using a secure symmetric key encryption algorithm. For example, AES - [https://aesencryption.net/].
> * the encryption key should be the previously set master key, or some reproducible encoding of it.
> * the encrypted bytes should be converted to a hex string
> * the value should be stored in the relevant field such that the value is declared as encrypted.
> ** for example:
> {noformat}
> "password" : "${enc=aes256_base64, value=5248...303d}"{noformat}
> ** this is needed in the event {{server.security.encrypt_sensitive_data}} is changed to false, but there are still encrypted values in the database.
> Encrypted data needs to be decrypted before being used or returned via the REST API. The data may be re-encrypted depending on use.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
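
The storage scheme described in the issue, sketched as an added example (this is not Ambari's code or the eventual patch): values are written inside the `${enc=..., value=...}` envelope, and the reader decides by that marker rather than by the current setting, so stored ciphertext stays readable after the setting is turned off. The class name, the `aes256_gcm_hex` label, the AES-GCM mode and the SHA-256 key derivation are assumptions of this sketch; `HexFormat` needs Java 17 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HexFormat;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class SensitiveValueEnvelope {
  // Envelope shape taken from the issue text; the label value is an assumption.
  static final Pattern ENVELOPE = Pattern.compile("^\\$\\{enc=([^,}]+), value=([0-9a-fA-F]+)\\}$");
  static final String LABEL = "aes256_gcm_hex";
  private final SecretKeySpec key;

  SensitiveValueEnvelope(String masterKey) throws Exception {
    // "Reproducible encoding" of the master key: SHA-256 gives 32 bytes for AES-256.
    // Assumption for brevity; a password-based KDF such as PBKDF2 is the stronger choice.
    byte[] raw = MessageDigest.getInstance("SHA-256").digest(masterKey.getBytes(StandardCharsets.UTF_8));
    key = new SecretKeySpec(raw, "AES");
  }

  // Write path: the feature flag only controls whether new values are encrypted.
  String store(String plain, boolean encryptEnabled) throws Exception {
    if (!encryptEnabled) return plain;
    byte[] iv = new byte[12];                      // fresh random nonce per value
    new SecureRandom().nextBytes(iv);
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
    byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
    HexFormat hex = HexFormat.of();
    return "${enc=" + LABEL + ", value=" + hex.formatHex(iv) + hex.formatHex(ct) + "}";
  }

  // Read path: the stored marker decides, not the current flag value.
  String read(String stored) throws Exception {
    Matcher m = ENVELOPE.matcher(stored);
    if (!m.matches()) return stored;               // no marker: value was stored in plaintext
    if (!LABEL.equals(m.group(1))) throw new IllegalArgumentException("unsupported enc: " + m.group(1));
    byte[] blob = HexFormat.of().parseHex(m.group(2));   // nonce (12 bytes) followed by ciphertext and tag
    Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
    c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, blob, 0, 12));
    return new String(c.doFinal(blob, 12, blob.length - 12), StandardCharsets.UTF_8);
  }

  public static void main(String[] args) throws Exception {
    SensitiveValueEnvelope env = new SensitiveValueEnvelope("constructed-master-key"); // constructed sample
    String stored = env.store("constructed-bind-password", true);
    System.out.println(stored);                    // envelope with hex payload
    System.out.println(env.read(stored));          // decrypts regardless of the flag
    System.out.println(env.read(env.store("plain-value", false))); // passes through unchanged
  }
}
```

A wrong master key or a modified payload makes `read` throw `AEADBadTagException` instead of returning garbage, which is the reason this sketch picks an authenticated mode.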