How to secure kafka connect so connection.url is not logged revealing credentials?

问题

The problem I am having is that credentials are being logged when running a connector, I don't want to log those.

Any leads will be appreciated.

回答1:

Try to use the connection.password property, the value should be masked while logging. Something like this :

curl -X POST http://localhost:8083/connectors -H "Content-Type: application/json" -d \
'{ 
   "name":"jdbc_source_mysql_01",
   "config":{    
      "connector.class":"io.confluent.connect.jdbc.JdbcSourceConnector"         
      "connection.url":"jdbc:mysql://mysql:3306/demo",
      "connection.user":"connect_user",
      "connection.password":"password",
      "topic.prefix":"mysql-01-",
      "mode":"bulk"
   }
}'

Post this the logs should look like :

INFO JdbcSourceTaskConfig values:
batch.max.rows = 100
connection.attempts = 3
connection.backoff.ms = 10000
connection.password = null
connection.url = jdbc:mysql://*REDACTED*

来源：https://stackoverflow.com/questions/59961678/how-to-secure-kafka-connect-so-connection-url-is-not-logged-revealing-credential

标签

apache-kafka

apache-kafka-connect

易学教程内所有资源均来自网络或用户发布的内容，如有违反法律规定的内容欢迎反馈！
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!