samza-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tommy Becker <tobec...@tivo.com>
Subject Storing sensitive data in the Config
Date Mon, 09 Mar 2015 20:00:16 GMT
We have some sensitive information that we are currently storing in the Samza config.  Our
ops guys have some concern regarding where the config is displayed (e.g. in logs, app master
UI, etc).  I'm curious if others have had similar concerns and if so what you did about it.
 Seems like we might be able to use system properties for these things, albeit at a significant
cost to convenience.  It would be nice if it were possible to mark config values as sensitive
(perhaps via some sort of naming convention), and have such values be retrievable only via
explicit get on the key so these sort of incidental exposures can't happen.

--
Tommy Becker
Senior Software Engineer

Digitalsmiths
A TiVo Company

www.digitalsmiths.com<http://www.digitalsmiths.com>
tobecker@tivo.com<mailto:tobecker@tivo.com>

________________________________

This email and any attachments may contain confidential and privileged material for the sole
use of the intended recipient. Any review, copying, or distribution of this email (or any
attachments) by others is prohibited. If you are not the intended recipient, please contact
the sender immediately and permanently delete this email and any attachments. No employee
or agent of TiVo Inc. is authorized to conclude any binding agreement on behalf of TiVo Inc.
by email. Binding agreements with TiVo Inc. may only be made by a signed written agreement.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message