hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-14507) extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret,key
Date Thu, 08 Jun 2017 10:29:18 GMT
Steve Loughran created HADOOP-14507:
---------------------------------------

             Summary: extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret,key
                 Key: HADOOP-14507
                 URL: https://issues.apache.org/jira/browse/HADOOP-14507
             Project: Hadoop Common
          Issue Type: Sub-task
          Components: fs/s3
            Reporter: Steve Loughran


Per-bucket jceks support turns out to be complex as you have to manage multiple jecks files
& configure the client to ask for the right one. This is because we're calling {{Configuration.getPassword{"fs,s3a.secret.key")}.


If before that, we do a check for the explict id, key, session key in the properties {{fs.s3a.$bucket.secret}}
( & c), we could have a single JCEKs file with all the secrets for different bucket. You
would only need to explicitly point the base config to the secrets file, and the right credentials
would be picked up, if set



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message