Project

General

Profile

Bug #29020

Encrypt cloud credentials in configuration database

Added by Andrew Walker over 2 years ago. Updated about 2 years ago.

Status:
Done
Priority:
No priority
Assignee:
Vladimir Vinogradenko
Category:
Middleware
Target version:
11.1-U6
Seen in:
11.1-U2
Severity:
Med High
Reason for Closing:
Reason for Blocked:
Needs QA:
No
Needs Doc:
No
Needs Merging:
No
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No
Related projects 1 project

Description

Behavior should probably be the same as other sensitive passwords that we store in DB file.

sqlite> select * from system_cloudcredentials;
        id = 1
      name = S3 Bucket
  provider = AMAZON
attributes = {"access_key": "<redacted>", "secret_key": "<redacted>"}

Associated revisions

Revision a52f12b1 (diff)
Added by Vladimir Vinogradenko over 2 years ago

Encrypt cloud credentials Ticket: #29020

Revision d87688ac (diff)
Added by Vladimir Vinogradenko over 2 years ago

Encrypt cloud credentials Ticket: #29020

Revision c62821fb (diff)
Added by Vladimir Vinogradenko over 2 years ago

Encrypt cloud credentials Ticket: #29020

Revision 319205e5 (diff)
Added by Vladimir Vinogradenko over 2 years ago

Encrypt cloud credentials Ticket: #29020

Revision 2a0f2c30 (diff)
Added by Dru Lavigne over 2 years ago

Mention that cloud credentials are stored encrypted. Ticket: #29020

Revision 5d9ea47c (diff)
Added by Dru Lavigne over 2 years ago

Mention that cloud credentials are stored encrypted. Ticket: #29020

Revision 77d7abb3 (diff)
Added by Vladimir Vinogradenko over 2 years ago

Encrypt cloud credentials Ticket: #29020

Revision c25e3972 (diff)
Added by Vladimir Vinogradenko over 2 years ago

Merge migrations Ticket: #29020

Revision 6f78240d (diff)
Added by Vladimir Vinogradenko over 2 years ago

Merge migrations after merging cloud credentials to stable Ticket: #29020

Revision 0f9b3aeb (diff)
Added by Vladimir Vinogradenko over 2 years ago

Merge migrations after merging cloud credentials to stable Ticket: #29020

Revision aa87d9e8 (diff)
Added by Vladimir Vinogradenko over 2 years ago

Merge migrations after merging cloud credentials to stable Ticket: #29020

Revision 4da7c485 (diff)
Added by Vladimir Vinogradenko about 2 years ago

Merge migrations after merging cloud credentials to stable Ticket: #29020

History

#1 Updated by Dru Lavigne over 2 years ago

  • Project changed from TrueNAS to FreeNAS
  • Category set to Middleware
  • Assignee changed from Ash Gokhale to William Grzybowski
  • Target version changed from N/A to 11.2-RC2
  • Migration Needed deleted (No)
  • Hide from ChangeLog deleted (No)
  • Support Department Priority deleted (0)

#2 Updated by William Grzybowski over 2 years ago

  • Assignee changed from William Grzybowski to Vladimir Vinogradenko

#3 Updated by William Grzybowski over 2 years ago

  • Severity set to Med High

#4 Updated by Vladimir Vinogradenko over 2 years ago

  • Status changed from Not Started to In Progress

#5 Updated by Vladimir Vinogradenko over 2 years ago

  • Status changed from In Progress to Done

#6 Updated by Dru Lavigne over 2 years ago

  • Subject changed from AWS Secret Key is visible in webui and stored in plain-text in freenas-v1.db to Encrypt cloud credentials
  • Target version changed from 11.2-RC2 to 11.2-BETA1
  • Needs Merging changed from Yes to No

#7 Updated by Dru Lavigne over 2 years ago

  • Status changed from Done to Ready for Testing

#8 Updated by Dru Lavigne over 2 years ago

  • Status changed from Ready for Testing to In Progress
  • Target version changed from 11.2-BETA1 to 11.1-U6

As per discussion, this will be backported to U6.

#9 Updated by Dru Lavigne over 2 years ago

  • Subject changed from Encrypt cloud credentials to Encrypt cloud credentials in configuration database
  • Needs Doc changed from Yes to No

#10 Updated by Vladimir Vinogradenko over 2 years ago

  • Status changed from In Progress to Ready for Testing

#11 Updated by Michael Reynolds about 2 years ago

verified the system_cloudcredentials info is encrypted.

#12 Updated by Dru Lavigne about 2 years ago

  • Status changed from Ready for Testing to Done
  • Needs QA changed from Yes to No

Also available in: Atom PDF