Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-3932

Implement State Backend Security

    XMLWordPrintableJSON

Details

    Description

      This issue is part of a series of improvements detailed in the Secure Data Access design doc.

      Flink should protect its HA, checkpoint, and savepoint state against unauthorized access.

      As described in the design doc, implement:

      • ZooKeeper authentication w/ Kerberos
      • ZooKeeper authorization (i.e. znode ACLs)
      • Checkpoint/savepoint data protection

      Attachments

        Issue Links

          is blocked by

          New Feature - A new feature of the product, which has yet to be developed. FLINK-3929 Support for Kerberos Authentication with Keytab Credential

          • Major - Major loss of function.
          • Resolved
          requires

          Bug - A problem which impairs or prevents the functions of the product. FLINK-4667 Yarn Session CLI not listening on correct ZK namespace when HA is enabled to use ZooKeeper backend

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          links to

          Web Link GitHub Pull Request #2589

          Activity

            People

              vijikarthi Vijay Srinivasaraghavan
              eronwright Eron Wright
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 336h
                  336h
                  Remaining:
                  Remaining Estimate - 336h
                  336h
                  Logged:
                  Time Spent - Not Specified
                  Not Specified