Reporting: Analytics and Audit Data Logging for External Reporting (UXPROD-330)

[UXPROD-1225] Security and Access Control for Message Queue Created: 03/Oct/18  Updated: 17/Mar/22  Resolved: 19/Jan/19

Status: Closed
Project: UX Product
Components: None
Affects versions: None
Fix versions: None
Parent: Reporting: Analytics and Audit Data Logging for External Reporting

Type: Story Priority: P3
Reporter: VBar Assignee: Unassigned
Resolution: Done Votes: 0
Labels: analytics, kafka
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Relates
relates to UXPROD-332 Message Queue for Data Extraction Closed
Epic Link: Reporting: Analytics and Audit Data Logging for External Reporting
Back End Estimate: Medium < 5 days
Back End Estimator: VBar
Development Team: EBSCO - FSE

 Description   

The Kafka message queue will be directly accessible for integration with external systems. The external systems will consume the queue directly though the use of Kafka-specific consumer code (e.g. Kafka Streams API).

This story is intended to ensure that access is not unrestricted, resulting in a point of vulnerability and potential exploitation in any Folio installation.

Design details are still TBD, to be informed by other Kafka related user stories. Possible options include:

  • using native Kafka security features
  • introducing an Edge-API like facade.


 Comments   
Comment by VBar [ 19/Jan/19 ]

Closing as no further development is needed at this time. The initial release will rely on native security features of Kafka.

Generated at Fri Feb 09 00:13:48 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.