Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-7547

More secure storage for mongodb credentials

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      Currently you can sort of "hide" S3 AWS credentials in core-site.xml, but for the mongodb connection the username and password are accessible from the Web UI, API, and ZooKeeper API because it is placed in the configuration for the storage plugin.

      I wonder if it would be possible to store the username and password used for mongodb connection in a more secure manner, maybe it could be encrypted when you first save it, then even if you look at the configuration for the mongodb storage plugin via the ZooKeeper API you cannot extract the username and password.

       

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            dobesv Dobes Vandermeer
            dobesv Dobes Vandermeer
            Arina Ielchiieva Arina Ielchiieva
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment