This page is meant as a template for writing a KIP. To create a KIP choose Tools->Copy on this page and modify with your content and replace the heading with the next KIP number and a description of your issue. Replace anything in italics with your own description. 

Status

Current state: Under Discussion

...

Currently in kafka connect, some of the rest api endpoint return with plain password/secrets. This reveals database credentials, and any information that should be hide from public interface. This KIP is to enhance the security of Kafka Connect REST API.

Public Interfaces

Mask fields any field that is a ConfigDef.Type.PASSWORD type. Following endpoint existing endpoints will be impacted:

• /connectors/<connector_name>
• /connectors/<connector_name>/config
• /connectors/<connector_name>tasks

Briefly list any new interfaces that will be introduced as part of this proposal or any existing interfaces that will be removed or changed. The purpose of this section is to concisely call out the public contract that will come along with this feature.

A public interface is any change to the following:

• Binary log format

• The network protocol and api behavior

• Any class in the public packages under clientsConfiguration, especially client configuration

  • org/apache/kafka/common/serialization

  • org/apache/kafka/common

  • org/apache/kafka/common/errors

  • org/apache/kafka/clients/producer

  • org/apache/kafka/clients/consumer (eventually, once stable)

• Monitoring

• Command line tools and arguments

• Anything else that will likely break existing users in some way when they upgrade

Proposed Changes

There is no new interface.

Proposed Changes

Modification in org.apache.kafka.connect.runtime.rest.resources.ConnectorsResource class. Adding a new method maskCredentials, and this method will be called in each of the above three endpoint before the routing method returnsDescribe the new thing you want to do in appropriate detail. This may be fairly extensive and have large subsections of its own. Or it may be a few sentences. Use judgement based on the scope of the change.

Compatibility, Deprecation, and Migration Plan

• What impact (if any) will there be on existing users?
• If we are changing behavior how will we phase out the older behavior?
• If we need special migration tools, describe them here.
• When will we remove the existing behavior?

Rejected Alternatives

• Existing users will no long get the actual password value from Kafka Connect REST endpoint. In stead, they will get a masked value (e.g. "*********").
• A new deployment of kafka connect is needed

Rejected Alternatives

None identifiedIf there are alternative ways of accomplishing the same thing, what were they? The purpose of this section is to motivate why the design is the way it is and not some other way.