hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Matthew Paduano (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12548) read s3 creds from a Credential Provider
Date Wed, 13 Jan 2016 20:43:39 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15096951#comment-15096951

Matthew Paduano commented on HADOOP-12548:

+    } catch (IOException ioe) {
+      // log as appropriate but continue to check userInfo for creds
+      LOG.debug("Error encountered while retrieving AWS secret key.", ioe);
+    }

if one mistypes the filename or some part of the URI etc., the IOE is eaten (maybe logged)

and then return an invalid AWSAccessKeys which blows up in initialize() later on:

"com.amazonaws.AmazonClientException: Unable to load AWS credentials from..."

The object is invalid if the key/secret are both null.  And while all the various layers
are careful to throw a nice exception with message, one has to enable debug logging
and find the logs to find a typo.   Sort of a pain, assuming one can even find/configure 
the logs.  Why proceed quietly from getAWSAccessKeys() if the object is not valid?

> read s3 creds from a Credential Provider
> ----------------------------------------
>                 Key: HADOOP-12548
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12548
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs/s3
>            Reporter: Allen Wittenauer
>            Assignee: Larry McCay
>         Attachments: CredentialProviderAPIforS3FS-002.pdf, HADOOP-12548-01.patch, HADOOP-12548-02.patch,
HADOOP-12548-03.patch, HADOOP-12548-04.patch
> It would be good if we could read s3 creds from a source other than via a java property/Hadoop
configuration option

This message was sent by Atlassian JIRA

View raw message