[
https://issues.apache.org/jira/browse/FLINK-36456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Raul Garcia updated FLINK-36456:
--------------------------------
Component/s: Runtime / Configuration
(was: Runtime / Metrics)
> Improve Security in DatadogHttpReporterFactory by providing ENV alternative
> to retrieve API key
> -----------------------------------------------------------------------------------------------
>
> Key: FLINK-36456
> URL: https://issues.apache.org/jira/browse/FLINK-36456
> Project: Flink
> Issue Type: Improvement
> Components: Runtime / Configuration
> Reporter: Raul Garcia
> Priority: Minor
>
> The current implementation of the {{DatadogHttpReporterFactory}} class
> retrieves the Datadog API key from the Flink configuration. In Kubernetes
> environments, this typically means storing the API key in ConfigMaps, which
> can expose sensitive information in plain text. Since ConfigMaps are not
> designed to hold secrets, this approach poses potential security risks.
> My proposal is to fallback to {{DD_API_KEY}} which is the standard way of
> passing the API key to containers and it's usually available in the
> environment.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
