[ https://issues.apache.org/jira/browse/FLINK-3929?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15404880#comment-15404880 ]
ASF GitHub Bot commented on FLINK-3929: --------------------------------------- Github user vijikarthi commented on a diff in the pull request: https://github.com/apache/flink/pull/2275#discussion_r73245570 --- Diff: flink-core/src/main/java/org/apache/flink/configuration/ConfigConstants.java --- @@ -1016,6 +1016,23 @@ /** The environment variable name which contains the location of the lib folder */ public static final String ENV_FLINK_LIB_DIR = "FLINK_LIB_DIR"; + // -------------------------------- Security ------------------------------- + + /** + * The config parameter defining security credentials required + * for securing Flink cluster. + */ + + /** Keytab file key name to be used in flink configuration file */ + public static final String SECURITY_KEYTAB_KEY = "security.keytab"; + + /** Kerberos security principal key name to be used in flink configuration file */ + public static final String SECURITY_PRINCIPAL_KEY = "security.principal"; + + /** Keytab file name populated in YARN container */ + public static final String KEYTAB_FILE_NAME = "krb5.keytab"; --- End diff -- Okay, will move it to flink-yarn module > Support for Kerberos Authentication with Keytab Credential > ---------------------------------------------------------- > > Key: FLINK-3929 > URL: https://issues.apache.org/jira/browse/FLINK-3929 > Project: Flink > Issue Type: New Feature > Reporter: Eron Wright > Assignee: Vijay Srinivasaraghavan > Labels: kerberos, security > Original Estimate: 672h > Remaining Estimate: 672h > > _This issue is part of a series of improvements detailed in the [Secure Data > Access|https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit?usp=sharing] > design doc._ > Add support for a keytab credential to be associated with the Flink cluster, > to facilitate: > - Kerberos-authenticated data access for connectors > - Kerberos-authenticated ZooKeeper access > Support both the standalone and YARN deployment modes. > -- This message was sent by Atlassian JIRA (v6.3.4#6332)