Table of Contents |
---|
This page is meant as a template for writing a KIP. To create a KIP choose Tools->Copy on this page and modify with your content and replace the heading with the next KIP number and a description of your issue. Replace anything in italics with your own description.
Status
Current state: Under Discussion
...
Currently in kafka connect, some of the rest api endpoint return with plain password/secrets. This reveals database credentials, and any information that should be hide from public interface. This KIP is to enhance the security of Kafka Connect REST API.
Public Interfaces
Mask fields any field that is a ConfigDef.Type.PASSWORD type. Following endpoint existing endpoints will be impacted:
- /connectors/<connector_name>
- /connectors/<connector_name>/config
- /connectors/<connector_name>tasks
Briefly list any new interfaces that will be introduced as part of this proposal or any existing interfaces that will be removed or changed. The purpose of this section is to concisely call out the public contract that will come along with this feature.
A public interface is any change to the following:
Binary log format
The network protocol and api behavior
Any class in the public packages under clientsConfiguration, especially client configuration
org/apache/kafka/common/serialization
org/apache/kafka/common
org/apache/kafka/common/errors
org/apache/kafka/clients/producer
org/apache/kafka/clients/consumer (eventually, once stable)
Monitoring
Command line tools and arguments
- Anything else that will likely break existing users in some way when they upgrade
Proposed Changes
There is no new interface.
Proposed Changes
Modification in org.apache.kafka.connect.runtime.rest.resources.ConnectorsResource class. Adding a new method maskCredentials, and this method will be called in each of the above three endpoint before the routing method returnsDescribe the new thing you want to do in appropriate detail. This may be fairly extensive and have large subsections of its own. Or it may be a few sentences. Use judgement based on the scope of the change.
Compatibility, Deprecation, and Migration Plan
- What impact (if any) will there be on existing users?
- If we are changing behavior how will we phase out the older behavior?
- If we need special migration tools, describe them here.
- When will we remove the existing behavior?
Rejected Alternatives
- Existing users will no long get the actual password value from Kafka Connect REST endpoint. In stead, they will get a masked value (e.g. "*********").
- A new deployment of kafka connect is needed
Rejected Alternatives
None identifiedIf there are alternative ways of accomplishing the same thing, what were they? The purpose of this section is to motivate why the design is the way it is and not some other way.