Explicit auth with TEMP tokens · cockroachdb/cockroach#56577

(5 留言) (0 反應) (0 負責人)Go (32,150 star) (4,124 fork)batch import

C-wishlistT-disaster-recoverygood first issue

描述

Informs #56536

Use of external storage temp tokens, together with explicit authentication is dangerous. In general, explicitly specified tokens could expire while long running operation (backup, restore) is still executing, without any way for us to regenerate such temp token.

We should error out if external storage URI uses temporary credentials for backup, restore, import, scheduled backup and cdc.

We should also provide an extra URI parameter for the user to specify if they really wish to override this behavior: "&REALLY_USE_TEMP_CREDENTIALS"

Epic CRDB-71

Jira issue: CRDB-2924

貢獻者指南

技術棧: go
領域: databasesecurity
議題類型: feature
難度: 4
預計時間: 1-2 days
活動狀態: stale
清晰度: clear
前置要求: Go programmingCockroachDB basicsexternal storage conceptsauthentication tokens
新手友善度: 35
研究方向: Examine the backup and restore code in pkg/backup and pkg/storage. Look for how external storage URIs are parsed and used. Linked issue #56536 provides context. The goal is to detect temporary credential parameters (e.g., in AWS S3 temp tokens) and either reject them or allow an explicit override via a new URI parameter like '&REALLY USE TEMP CREDENTIALS'. Compare with existing validation for other URI parameters.