Uploaded image for project: 'Samza'
  1. Samza
  2. SAMZA-589

Need a way to flag sensitive information in Config

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.8.0
    • Fix Version/s: 0.9.0
    • Component/s: container
    • Labels:
      None

      Description

      Currently, the full contents of a job's Config is exposed in at least a couple of places including the logs (logged by SamzaContainer), and the ApplicationMaster UI's config page. There is a security concern with doing that if sensitive information (e.g. credentials) is stored there. It would be nice to be able to mark sensitive config values so that they are not displayed in such ways. The only thing that springs to mind is a special naming convention, perhaps a "sensitive" prefix that would identify these values. Ideally such a capability would be baked into Config itself, but minimally Samza code that exposes Config could be made aware of the convention to avoid displaying the plaintext of sensitive values.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                twbecker Tommy Becker
                Reporter:
                twbecker Tommy Becker
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: