scholzj opened a new issue #320: URL: https://github.com/apache/camel-kafka-connector/issues/320
While using the CamelAwssqsSinkConnector, it seems that it is quite easy to find the AWS credentials in the Connect log. One of the examples is the error mentioned in #319 ... but also after I switched to using the following options `camel.component.aws-sqs.access-key`, `camel.component.aws-sqs.secret-key`, `camel.component.aws-sqs.region` ... it for example prints the credentials directly into the log as well: ``` 2020-07-14 11:39:30,563 INFO Auto-configuration summary: (org.apache.camel.main.BaseMainSupport) [pool-13-thread-1] 2020-07-14 11:39:30,563 INFO camel.component.aws-s3.region=US_EAST_1 (org.apache.camel.main.BaseMainSupport) [pool-13-thread-1] 2020-07-14 11:39:30,563 INFO camel.component.aws-s3.accessKey=AKIAIOSFODNN7EXAMPLE (org.apache.camel.main.BaseMainSupport) [pool-13-thread-1] 2020-07-14 11:39:30,563 INFO camel.component.aws-s3.secretKey=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY (org.apache.camel.main.BaseMainSupport) [pool-13-thread-1] ``` I think ideally they should be printed only in the masked form to make sure they cannot leak through the log. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
