hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-14135) Remove URI parameter in AWSCredentialProvider constructors
Date Thu, 13 Jul 2017 19:18:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-14135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16086251#comment-16086251
] 

Steve Loughran commented on HADOOP-14135:
-----------------------------------------

This is for functionality, not logging

* in HADOOP-14507 I'm explicitly asking for the bucket secrets (fs.s3a.bucket.MYBUCKET.secret.key)
etc. Easy to add to the normal login, but I can't do it in {{TemporaryAWSCredentialsProvider}}
as it doesn't know the bucket
* HADOOP-14556 proposes a credential provider will also need to know the bucket (maybe even
URI) of the FS, so it can ask UGI for the right token

> Remove URI parameter in AWSCredentialProvider constructors
> ----------------------------------------------------------
>
>                 Key: HADOOP-14135
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14135
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>            Reporter: Mingliang Liu
>            Assignee: Mingliang Liu
>             Fix For: 2.9.0, 3.0.0-alpha4, 2.8.2
>
>         Attachments: HADOOP-14135.000.patch, HADOOP-14135.001.patch, HADOOP-14135.002.patch,
HADOOP-14135.003.patch
>
>
> This was from comment in [HADOOP-13252].
> It looks like the URI parameter is not needed for our AWSCredentialProvider constructors.
This was useful because we relied on URI parameter for retrieving user:pass. Now in binding
URIs, we have
> {code}
> 279 S3xLoginHelper.Login creds = getAWSAccessKeys(binding, conf);
> 280	      credentials.add(new BasicAWSCredentialsProvider(
> 281	              creds.getUser(), creds.getPassword()));
> {code}
> This way, we only need configuration object (if necessary) for all AWSCredentialProvider
implementations. The benefit is that, if we create AWSCredentialProvider list for DynamoDB,
we don't have to pass down the associated file system URI. This might be useful to S3Guard
tools.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message