hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sean Mackrory (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HADOOP-12537) s3a: Add flag for session ID to allow Amazon STS temporary credentials
Date Thu, 10 Dec 2015 19:50:11 GMT

     [ https://issues.apache.org/jira/browse/HADOOP-12537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Sean Mackrory updated HADOOP-12537:
-----------------------------------
    Attachment: HADOOP-12537.002.patch

I believe this patch addresses all the feedback:

* Fixed the typo in TEST_STS_ENDPOINT
* Renamed checkSettings to setUp()
* TEST_STS_ENABLED is no longer a thing: using the file system contract instead
* Extending AbstractFSContractTestBase, and using ContractTestUtils
* Throwing IOException specifically, instead of the base Exception

Reran similar tests to last time, and also tested that the test is skipped if the contract
doesn't support this.

One weird thing is that I just cannot get ContractOptions.ACCEPTS_TEMPORARY_CREDENTIALS in
scope on my machine when running tests. It should be in scope, but the only way I can get
the tests to pass when they should is by redefining ACCEPTS_TEMPORARY_CREDENTIALS in TestS3ATemporaryCredentials,
which shouldn't be necessary. I worked with [~fabbri] and he was able to run the tests without
the redefinition, so I'm not sure what's going on on my machine...

> s3a: Add flag for session ID to allow Amazon STS temporary credentials
> ----------------------------------------------------------------------
>
>                 Key: HADOOP-12537
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12537
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs/s3
>    Affects Versions: 2.7.1
>            Reporter: Sean Mackrory
>            Priority: Minor
>         Attachments: HADOOP-12537.001.patch, HADOOP-12537.002.patch, HADOOP-12537.diff,
HADOOP-12537.diff
>
>
> Amazon STS allows you to issue temporary access key id / secret key pairs for your a
user / role. However, using these credentials also requires specifying a session ID. There
is currently no such configuration property or the required code to pass it through to the
API (at least not that I can find) in any of the S3 connectors.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message