<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Fri Feb 09 00:28:01 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[UXPROD-2931] NFR: Increase security of Kafka for Remote storage</title>
                <link>https://folio-org.atlassian.net/browse/UXPROD-2931</link>
                <project id="10000" key="UXPROD">UX Product</project>
                    <description>&lt;p&gt;&lt;b&gt;Current situation or problem&lt;/b&gt;: Remote storage its transactions are direct Kafka connections.&lt;/p&gt;

&lt;p&gt;There were some concerns raised in the community regarding how secure the direct connection will be. To address these concerns, the new solution was designed: &lt;a href=&quot;https://folio-org.atlassian.net/wiki/display/DD/Temporary+Kafka+security+solution&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://folio-org.atlassian.net/wiki/display/DD/Temporary+Kafka+security+solution&lt;/a&gt;. &lt;br/&gt;
The solution was reviewed and approved by the Security group and Tech Council.&lt;/p&gt;

&lt;p&gt;Multi-tenancy on Kafka&apos;s side is implemented for the modules differently, so it will take time to make the changes in them that unify the multi-tenancy approach.&lt;br/&gt;
However, the direct Kafka connections should be secured in R1, so a simplified version of the solution is proposed for now.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;In scope&lt;/b&gt;&#160;&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;Add module-level Kafka user credentials support to Remote storage.&#160;The credentials should be provided to all producers and consumers of a module with other Kafka client settings. Changes in PubSub are required since once Kafka authentication and authorization are enabled, the PubSub will need to pass through them as well.&lt;/li&gt;
	&lt;li&gt;Add TLS support to the same modules.&lt;br/&gt;
Same here, the settings should be provided to all producers and consumers of a module with other Kafka client settings.&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;How it could be implemented:&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;ModuleDescriptor should be updated to include the new Kafka settings: TLS, and, for now, user credentials (the credentials later could be injected to container a different way, for instance, as EnvironmentVariables)&lt;/li&gt;
	&lt;li&gt;Update a class that represents Kafka config&lt;/li&gt;
	&lt;li&gt;Update a class(es) that creates and assigns the config to Kafka producers and consumers&lt;/li&gt;
	&lt;li&gt;Test the updates&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&lt;b&gt;Out of scope&lt;/b&gt;&lt;br/&gt;
This work is also needed for ElasticSearch and Data import, but those applications/modules are managed by other dev teams&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Proposed solution/How it could be implemented:&lt;/b&gt;&lt;/p&gt;

&lt;ul&gt;
	&lt;li&gt;ModuleDescriptor should be updated to include the new Kafka settings: TLS, and, for now, user credentials (the credentials later could be injected to container a different way, for instance, as EnvironmentVariables)&lt;/li&gt;
	&lt;li&gt;Update a class that represents Kafka config&lt;/li&gt;
	&lt;li&gt;Update a class(es) that creates and assigns the config to Kafka producers and consumers&lt;/li&gt;
	&lt;li&gt;Test the updates&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&lt;b&gt;Links to additional info&lt;/b&gt;&lt;br/&gt;
&lt;a href=&quot;https://folio-org.atlassian.net/wiki/display/DD/Temporary+Kafka+security+solution&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://folio-org.atlassian.net/wiki/display/DD/Temporary+Kafka+security+solution&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Questions&lt;/b&gt;&lt;/p&gt;</description>
                <environment></environment>
        <key id="12001">UXPROD-2931</key>
            <summary>NFR: Increase security of Kafka for Remote storage</summary>
                <type id="10002" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10322?size=medium">New Feature</type>
                            <parent id="10049">UXPROD-790</parent>
                                    <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5d794c218ce6b60c3810eb8a">Stephanie Buck</assignee>
                                                                <reporter accountid="5d794c218ce6b60c3810eb8a">Stephanie Buck</reporter>
                                    <labels>
                            <label>NFR</label>
                            <label>security</label>
                            <label>security-reviewed</label>
                    </labels>
                <created>Tue, 2 Mar 2021 17:32:37 +0000</created>
                <updated>Mon, 21 Jun 2021 17:15:18 +0000</updated>
                            <resolved>Mon, 21 Jun 2021 17:15:18 +0000</resolved>
                                                    <fixVersion>R2 2021</fixVersion>
                                        <due></due>
                            <votes>0</votes>
                                    <watches>2</watches>
                                                                <comments>
                                                            <comment id="16590" author="5af5e627525ba96b58654f12" created="Thu, 4 Mar 2021 06:46:40 +0000"  >&lt;p&gt;Reviewed at Tech Council this week; decided that the work does not need to be done until R2 2021/Juniper&lt;/p&gt;</comment>
                                                            <comment id="16593" author="62a96ae7192edb006f9f1bf9" created="Thu, 3 Jun 2021 00:26:28 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5d794c218ce6b60c3810eb8a&quot; class=&quot;user-hover&quot; rel=&quot;5d794c218ce6b60c3810eb8a&quot; data-account-id=&quot;5d794c218ce6b60c3810eb8a&quot; accountid=&quot;5d794c218ce6b60c3810eb8a&quot; rel=&quot;noreferrer&quot;&gt;Stephanie Buck&lt;/a&gt;, can this feature be moved to In Progress?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10008">
                    <name>Defines</name>
                                                                <inwardlinks description="is defined by ">
                                        <issuelink>
            <issuekey id="73445">MODRS-62</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10003">
                    <name>Relates</name>
                                            <outwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="11997">UXPROD-2929</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10053" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Back End Estimate</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10122"><![CDATA[Large < 10 days]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                <customfield id="customfield_10065" key="com.atlassian.jira.plugin.system.customfieldtypes:textfield">
                        <customfieldname>Cap Plan Fix Version (DO NOT CHANGE)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>R2 2021</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10152"><![CDATA[Firebird]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10014" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue key="$xmlutils.escape($text)">Requests</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10050" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Front End Estimate</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10095"><![CDATA[Very Small (VS) < 1day]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10052" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Front-End Confidence factor</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10107"><![CDATA[Low]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i02etz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 4 Mar 2021 06:46:40 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>