[prev in list] [next in list] [prev in thread] [next in thread]
List: hadoop-dev
Subject: [jira] [Created] (HADOOP-11335) KMS ACL in meta data or database
From: "Jerry Chen (JIRA)" <jira () apache ! org>
Date: 2014-11-26 0:35:12
Message-ID: JIRA.12757855.1416962075000.21050.1416962112690 () Atlassian ! JIRA
[Download RAW message or body]
Jerry Chen created HADOOP-11335:
-----------------------------------
Summary: KMS ACL in meta data or database
Key: HADOOP-11335
URL: https://issues.apache.org/jira/browse/HADOOP-11335
Project: Hadoop Common
Issue Type: Improvement
Components: kms
Affects Versions: trunk-win
Reporter: Jerry Chen
Currently Hadoop KMS has implemented ACL for keys and the per key ACL are stored in \
the configuration file kms-acls.xml.
The management of ACL in configuration file would not be easy in enterprise usage and \
it is put difficulties for backup and recovery.
It is ideal to store the ACL for keys in the key meta data similar to what file \
system ACL does. In this way, the backup and recovery that works on keys should work \
for ACL for keys too.
On the other hand, with the ACL in meta data, the ACL of each key can be easily \
manipulate with API or command line tool and take effect instantly. This is very \
important for enterprise level access control management. This feature can be \
addressed by separate JIRA. While with the configuration file, these would be hard to \
provide.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic