[
https://issues.apache.org/jira/browse/HDDS-15140?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chung-En Lee updated HDDS-15140:
--------------------------------
Description: To support S3G chunked upload signature verification
(SigV4/SigV4a) while adhering to the principle of least privilege, S3G should
not handle the master AWS Secret Key directly for every chunk. Instead, OM
should provide a "Derived Key" that is only valid for a specific date, region,
and service during creating key. (was: To support S3G chunked upload signature
verification (SigV4/SigV4a) while adhering to the principle of least privilege,
S3G should not handle the master AWS Secret Key directly for every chunk.
Instead, OM should provide a "Derived Key" that is only valid for a specific
date, region, and service.)
> Piggyback S3 derived key during key creation
> --------------------------------------------
>
> Key: HDDS-15140
> URL: https://issues.apache.org/jira/browse/HDDS-15140
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: Chung-En Lee
> Assignee: Chung-En Lee
> Priority: Major
>
> To support S3G chunked upload signature verification (SigV4/SigV4a) while
> adhering to the principle of least privilege, S3G should not handle the
> master AWS Secret Key directly for every chunk. Instead, OM should provide a
> "Derived Key" that is only valid for a specific date, region, and service
> during creating key.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]