[HIVE-21849] Carry over encryption table property to derived tables - ASF JIRA

Log work

Agile Board

Rank to Top

Rank to Bottom

Bulk Copy Attachments

Bulk Move Attachments

Add vote

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Move

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Task
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.0.1
Fix Version/s: 3.0.1
Component/s: HiveServer2
Labels:
None

Target Version/s:

3.0.1

Description

~~HIVE-21848~~ proposed to have a set of table properties to configure the ORC and Parquet encryption. In the scenario of CTLT and CTAS, the new table needs to have the same encryption table properties because they have the same type of sensitive data.

Furthermore, in the situation like 'insert into', if the source table has encrypted sensitive data but the destination doesn't have corresponding table property to define the encryption, then destination table will keep it as plaintext and hence leaks sensitive data.

The fix is to carry over table properties for those selected columns from the source table to the destination table.

The code change is working as a prototype. I will share it out later after ~~HIVE-21848~~ has an agreement in the community.