Explicit auth with TEMP tokens · cockroachdb/cockroach#56577

(5 comments) (0 reactions) (0 assignees)Go (32,150 stars) (4,124 forks)batch import

C-wishlistT-disaster-recoverygood first issue

説明

Informs #56536

Use of external storage temp tokens, together with explicit authentication is dangerous. In general, explicitly specified tokens could expire while long running operation (backup, restore) is still executing, without any way for us to regenerate such temp token.

We should error out if external storage URI uses temporary credentials for backup, restore, import, scheduled backup and cdc.

We should also provide an extra URI parameter for the user to specify if they really wish to override this behavior: "&REALLY_USE_TEMP_CREDENTIALS"

Epic CRDB-71

Jira issue: CRDB-2924

コントリビューターガイド

技術スタック: go
領域: databasesecurity
Issue 種別: feature
難度: 4
推定時間: 1-2 days
活動状況: stale
明確さ: clear
前提条件: Go programmingCockroachDB basicsexternal storage conceptsauthentication tokens
初心者向け度: 35
調査方針: Examine the backup and restore code in pkg/backup and pkg/storage. Look for how external storage URIs are parsed and used. Linked issue #56536 provides context. The goal is to detect temporary credential parameters (e.g., in AWS S3 temp tokens) and either reject them or allow an explicit override via a new URI parameter like '&REALLY USE TEMP CREDENTIALS'. Compare with existing validation for other URI parameters.