...
- As a CDAP/Hydrator security admin, I want all sensitive information like passwords not be stored in plaintext.
Brief introduction to Hadoop KMS
Hadoop KMS is a cryptographic key management server based on Hadoop’s KeyProvider API.
...
The entity stored will be composed of three parts
- AliasName: This will be the identifier, provided by the user, that will be used to retrieve the object.
- Properties: A key value map containing the properties of the object being stored.
- Data: The data being stored. Passed in as a byte array.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
// Represents the metadata about the data
interface SecureStoreMetaData {
String getName();
String getDescription();
long getLastModifiedTime();
Map<String, String> getProperties();
}
// Represents the secure data
interface SecureStoreData {
// Returns the meta data about the secure data
SecureStoreMetaData getMetaData();
// Returns the secure data
byte[] get();
}
// Provides read-only access to secure store
interface SecureStore {
// Returns a list of available secure data in the secure store.
List<String> list();
// Returns a list of metadata objects for the list of data items
List<SecureStoreMetaData> getMetadata(List<String> datanames);
// Gets the secure data
SecureStoreData get(String name);
}
// Manager interface for managing secure data
interface SecureStoreManager {
// Stores the secure data
void put(String name, byte[] data, Map<String, String> properties);
// Remove the secure data
void delete(String name);
} |
...