如何保护 kafka 连接,以便 connection.url 不被记录以泄露凭据?
How to secure kafka connect so connection.url is not logged revealing credentials?
我遇到的问题是 运行 连接器时正在记录凭据,我不想记录这些。
任何线索将不胜感激。
尝试使用connection.password 属性,记录时应屏蔽该值。像这样:
curl -X POST http://localhost:8083/connectors -H "Content-Type: application/json" -d \
'{
"name":"jdbc_source_mysql_01",
"config":{
"connector.class":"io.confluent.connect.jdbc.JdbcSourceConnector"
"connection.url":"jdbc:mysql://mysql:3306/demo",
"connection.user":"connect_user",
"connection.password":"password",
"topic.prefix":"mysql-01-",
"mode":"bulk"
}
}'
Post 日志应如下所示:
INFO JdbcSourceTaskConfig values:
batch.max.rows = 100
connection.attempts = 3
connection.backoff.ms = 10000
connection.password = null
connection.url = jdbc:mysql://*REDACTED*
我遇到的问题是 运行 连接器时正在记录凭据,我不想记录这些。
任何线索将不胜感激。
尝试使用connection.password 属性,记录时应屏蔽该值。像这样:
curl -X POST http://localhost:8083/connectors -H "Content-Type: application/json" -d \
'{
"name":"jdbc_source_mysql_01",
"config":{
"connector.class":"io.confluent.connect.jdbc.JdbcSourceConnector"
"connection.url":"jdbc:mysql://mysql:3306/demo",
"connection.user":"connect_user",
"connection.password":"password",
"topic.prefix":"mysql-01-",
"mode":"bulk"
}
}'
Post 日志应如下所示:
INFO JdbcSourceTaskConfig values:
batch.max.rows = 100
connection.attempts = 3
connection.backoff.ms = 10000
connection.password = null
connection.url = jdbc:mysql://*REDACTED*