Skip to content

RANGER-5333:Configurable Master key name for Ranger KMS DB with Luna HSM #680

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

RANGER-5333:Configurable Master key name for Ranger KMS DB with Luna HSM #680

wants to merge 2 commits into from
+16 −7

Conversation

ChinmayHegde24
Copy link
Contributor

Master Key name is hard coded for Ranger KMS DB integration with Luna HSM.
Refer : https://github.com/apache/ranger/blob/master/kms/src/main/java/org/apache/hadoop/crypto/key/RangerHSM.java#L50

It is made configurable so CU can provide customised name.

vikaskr22
vikaskr22 reviewed Sep 29, 2025
View reviewed changes
@ChinmayHegde24 ChinmayHegde24 force-pushed the RANGER-5333 branch 2 times, most recently from 0646d50 to 585d349 Compare September 30, 2025 15:51
@ChinmayHegde24 ChinmayHegde24 force-pushed the RANGER-5333 branch 2 times, most recently from 6465e0a to e5ee2a9 Compare September 30, 2025 16:41
vikaskr22
vikaskr22 approved these changes Oct 7, 2025
View reviewed changes
Copy link
Contributor

@vikaskr22 vikaskr22 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

dhavalshah9131
dhavalshah9131 reviewed Oct 8, 2025
View reviewed changes
Copy link
Contributor

@dhavalshah9131 dhavalshah9131 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @ChinmayHegde24 ,

Ref link : Thales doc

We should have some kind validation as per Thales guidelines for alias name string value.

Also we need to considering how KMS will behave in case of invalid name or consider documenting it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dhavalshah9131 dhavalshah9131 dhavalshah9131 left review comments

@vikaskr22 vikaskr22 Awaiting requested review from vikaskr22

Assignees

@ChinmayHegde24 ChinmayHegde24

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ChinmayHegde24 @dhavalshah9131 @vikaskr22