[ https://issues.apache.org/jira/browse/RANGER-3580?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17489511#comment-17489511 ]
kirby zhou commented on RANGER-3580: ------------------------------------ TencentKMS is something like Microsoft Azure KeyVault, provided by Tencent Cloud, one of china's top cloud providers. It also named as "T-Sec 密钥管理系统". We use it as masterKey provider of RangerKMS. All configurations you need is the following list. # TencentKMS deployment configuration # The following configuration is added to the install.properties # Do you use Tencent Cloud KMS? TENCENT_KMS_ENABLED=true # MasterKeyID on Tencent Cloud TENCENT_MASTERKEY_ID=b756b016-6e11-11ec-a735-525400fe0300 # Login ID TENCENT_CLIENT_ID=AKIDrXx6ybx2qNdiaBWaNs76pGQJvFJ6crpW # Login password TENCENT_CLIENT_SECRET=<password># Tencent Cloud area, see Tencent Cloud SDK for details. TENCENT_CLIENT_REGION=ap-beijing 1. you should have a Tencent Cloud account. Please Visit [https://intl.cloud.tencent.com/|https://intl.cloud.tencent.com/?lang=en] or [https://cloud.tencent.com|https://cloud.tencent.com/] 2. Apply a KMS [https://intl.cloud.tencent.com/products/kms] or [https://cloud.tencent.com/product/kms] 3. Create a Key in Tencent KMS at you selected region. You should create an key id here, then use it as "TENCENT_MASTERKEY_ID". region code list is here: [https://intl.cloud.tencent.com/document/product/628/33133] 4. Create you client id/secret, and assign the privilege of key to it It may be called as "SecretId" and "SecretKey" Fill TENCENT_CLIENT_ID=SecretId Fill TENCENT_CLIENT_SECRET=SecretKey Chinese doc is here [https://cloud.tencent.com/document/api/362/4208] I am sorry, I have not found the exactly doc in English. You can check it in [https://intl.cloud.tencent.com/document/product] 5. Fill the other parts of install.properties, such as you database JDBC, your Kerberos.... 6. run setup.sh > Support Ranger KMS integration with TencentKMS > ---------------------------------------------- > > Key: RANGER-3580 > URL: https://issues.apache.org/jira/browse/RANGER-3580 > Project: Ranger > Issue Type: New Feature > Components: kms > Affects Versions: 3.0.0 > Reporter: kirby zhou > Priority: Major > Fix For: 3.0.0 > > Attachments: 0001-add-TencentKMS-as-MasterKeyProvider-1.patch, > 0001-add-TencentKMS-as-MasterKeyProvider.patch > > > Want Ranger KMS can work with more Key Vault Provider as its backend. > Such as Tencent KMS, AliCloud KMS, AWS KMS. -- This message was sent by Atlassian Jira (v8.20.1#820001)