Xiaoyu Yao created HDFS-10643:
---------------------------------
Summary: HDFS namenode should always use service user (hdfs) to
generateEncryptedKey
Key: HDFS-10643
URL: https://issues.apache.org/jira/browse/HDFS-10643
Project: Hadoop HDFS
Issue Type: Bug
Components: encryption, namenode
Affects Versions: 2.6.0
Reporter: Xiaoyu Yao
Assignee: Xiaoyu Yao
KMSClientProvider is designed to be shared by different KMS clients. When HDFS
Namenode as KMS client talks to KMS to generateEncryptedKey for new file
creation from proxy user (hive, oozie), the proxyuser handling for
KMSClientProvider in this case is unnecessary, which cause 1) an extra proxy
user configuration allowing hdfs user to proxy its clients and 2) KMS acls to
allow non-hdfs user for GENERATE_EEK operation.
This ticket is opened to always use HDFS namenode login user (hdfs) when
talking to KMS to generateEncryptedKey for new file creation. This way, we have
a more secure KMS based HDFS encryption (we can set kms-acls to allow only hdfs
user for GENERATE_EEK) with less configuration hassle for KMS to allow hdfs to
proxy other users.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org
