
[Improvement]: AK/SK Leakage Security

Open shouwangyw opened this issue 1 year ago • 4 comments

Search before asking

  • [X] I have searched in the issues and found no similar issues.

What would you like to be improved?

The REST API should probably not be whitelisted, as this may expose the user's AK/SK; we need to think about a better way to provide the OpenAPI.

How should we improve?

No response

Are you willing to submit PR?

  • [ ] Yes I am willing to submit a PR!

Subtasks

No response

Code of Conduct

shouwangyw avatar Oct 30 '24 04:10 shouwangyw

Thanks for reporting this issue. I reproduced this issue in my dev environment.

xxubai avatar Oct 31 '24 09:10 xxubai

Currently we can remove AK/SK from our configs and inject temporary IAM credentials via vended credentials.

xxubai avatar Oct 31 '24 09:10 xxubai

The issue arises because the Iceberg Rest Catalog interface currently lacks authentication capabilities. However, if this interface has the potential to expose information from other catalogs at the moment, we should consider adding configuration to enable the Iceberg Rest Catalog, with the default setting being to keep it disabled until we implement an authentication mechanism for the Iceberg Rest Catalog interface.

HDYT? @shouwangyw @XBaith

zhoujinsong avatar Mar 12 '25 07:03 zhoujinsong

> The issue arises because the Iceberg Rest Catalog interface currently lacks authentication capabilities. However, if this interface has the potential to expose information from other catalogs at the moment, we should consider adding configuration to enable the Iceberg Rest Catalog, with the default setting being to keep it disabled until we implement an authentication mechanism for the Iceberg Rest Catalog interface.

Indeed, that's correct. In our usage, we remove these REST APIs from the whitelist and enforce Basic Auth and token validation for security. @zhoujinsong

shouwangyw avatar Mar 12 '25 08:03 shouwangyw
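As an added example (not code from the Amoro project), the two mitigations discussed in the comments above written as a small Python check: flag Iceberg REST catalog paths that an auth-bypass whitelist still lets through, and redact static AK/SK values from a catalog `/v1/config`-style reply before it leaves the service. The whitelist, endpoint paths and payload are constructed sample values; only the `s3.*` keys are Iceberg's own property names.

```python
import fnmatch
import re
from typing import Dict, Iterable, List, Tuple

# Heuristic for property keys that carry long-lived credentials (assumption:
# short-lived vended session tokens are deliberately not matched here).
SECRET_KEY_PATTERN = re.compile(r"(access-key|secret|password)", re.I)

# Constructed sample: an auth-bypass whitelist that still covers the REST catalog.
SAMPLE_WHITELIST = ["/api/ams/v1/login", "/api/iceberg/rest/*", "/static/*"]

# Constructed sample: endpoints the service exposes (paths are illustrative).
SAMPLE_REST_PATHS = [
    "/api/iceberg/rest/v1/config",
    "/api/iceberg/rest/v1/catalogs/demo/namespaces/db/tables/t",
    "/api/ams/v1/catalogs",
]


def unauthenticated_rest_paths(whitelist: Iterable[str], paths: Iterable[str]) -> List[str]:
    """Return the Iceberg REST catalog paths that some whitelist glob exempts from auth."""
    return [p for p in paths
            if "/iceberg/rest/" in p and any(fnmatch.fnmatch(p, pat) for pat in whitelist)]


def redact_credentials(props: Dict[str, str]) -> Tuple[Dict[str, str], List[str]]:
    """Copy a property map, masking values of secret-looking keys; report which keys were hit."""
    redacted, hit = {}, []
    for key, value in props.items():
        if SECRET_KEY_PATTERN.search(key) and value:
            redacted[key] = "***"
            hit.append(key)
        else:
            redacted[key] = value
    return redacted, sorted(hit)


def sanitize_config_response(resp: Dict[str, Dict[str, str]]) -> Tuple[Dict, List[str]]:
    """Apply redact_credentials to the 'defaults' and 'overrides' sections of a config reply."""
    out, hit = {}, []
    for section in ("defaults", "overrides"):
        out[section], section_hit = redact_credentials(resp.get(section, {}))
        hit += section_hit
    return out, sorted(set(hit))


if __name__ == "__main__":
    print(unauthenticated_rest_paths(SAMPLE_WHITELIST, SAMPLE_REST_PATHS))
    sample = {"defaults": {"warehouse": "s3://bucket/wh", "s3.access-key-id": "AKIA-EXAMPLE",
                           "s3.secret-access-key": "example-secret"},
              "overrides": {"s3.endpoint": "https://s3.example.invalid"}}
    print(sanitize_config_response(sample))
```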

This issue has been automatically marked as stale because it has been open for 180 days with no activity. It will be closed in next 14 days if no further activity occurs. To permanently prevent this issue from being considered stale, add the label 'not-stale', but commenting on the issue is preferred when possible.

github-actions[bot] avatar Sep 09 '25 00:09 github-actions[bot]

This issue has been closed because it has not received any activity in the last 14 days since being marked as 'stale'.

github-actions[bot] avatar Sep 24 '25 00:09 github-actions[bot]