Riak CS - admin keys changing

Toby Corkindale toby at dryft.net
Sun Jan 15 20:02:58 EST 2017


Hi,
I have a follow-up question around this security aspect.

If the riak-cs.conf and stanchion.conf files are changed so that their
admin.key and admin.secret match a different user (eg. not that
first-created admin user) then will that user now have admin-like
privileges?

Or are the admin-abilities determined by something set in the admin user's
data in Riak?

Thanks,
Toby

On Fri, 13 Jan 2017 at 16:38 Toby Corkindale <toby at dryft.net> wrote:

> Thanks, Luke!
>
> On Fri, 13 Jan 2017 at 12:10 Luke Bakken <lbakken at basho.com> wrote:
>
> Hi Toby,
>
> When you create the user, the data is stored in Riak (and is the
> authoritative location). The values must match in the config files to
> provide credentials used when connecting to various parts of your CS
> cluster.
>
> --
> Luke Bakken
> Engineer
> lbakken at basho.com
>
> On Thu, Jan 12, 2017 at 3:47 PM, Toby Corkindale <toby at dryft.net> wrote:
> > Hi,
> > In Riak CS, the admin key and secret is in the config files for both CS
> and
> > Stanchion.
> > Is that the authoritative location for the secrets, or is the
> > initially-created admin user the source, and those just have to match?
> >
> > I tried to figure this out from the source code, but my Erlang really
> isn't
> > up to scratch :(
> >
> > Toby
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.basho.com/pipermail/riak-users_lists.basho.com/attachments/20170116/dd35270e/attachment-0002.html>


More information about the riak-users mailing list