Details
-
Sub-task
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
3.3.1
Description
Support for customer-provided encryption keys at the file level, superceding the global (account-level) key use in HADOOP-17536.
ABFS driver will support an "EncryptionContext" plugin for retrieving encryption information, the implementation for which should be provided by the client. The keys/context retrieved will be sent via request headers to the server, which will store the encryption context. Subsequent REST calls to server that access data/user metadata of the file will require fetching the encryption context through a GetFileProperties call and retrieving the key from the custom provider, before sending the request.
Attachments
Issue Links
- relates to
-
HADOOP-18513 ABFS: Support client-side encryption
- Open
- links to