Return-Path: <common-issues-return-144975-archive-asf-public=cust-asf.ponee.io@hadoop.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id 9F3E6200D45
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Thu, 23 Nov 2017 19:34:05 +0100 (CET)
Received: by cust-asf.ponee.io (Postfix)
	id 9CA00160BFE; Thu, 23 Nov 2017 18:34:05 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id E31E0160BED
	for <archive-asf-public@cust-asf.ponee.io>; Thu, 23 Nov 2017 19:34:04 +0100 (CET)
Received: (qmail 24844 invoked by uid 500); 23 Nov 2017 18:34:04 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 24830 invoked by uid 99); 23 Nov 2017 18:34:04 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 23 Nov 2017 18:34:04 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id 52177C42AA
	for <common-issues@hadoop.apache.org>; Thu, 23 Nov 2017 18:34:03 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -99.011
X-Spam-Level: 
X-Spam-Status: No, score=-99.011 tagged_above=-999 required=6.31
	tests=[KAM_ASCII_DIVIDERS=0.8, KB_WAM_FROM_NAME_SINGLEWORD=0.2,
	SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100]
	autolearn=disabled
Received: from mx1-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024)
	with ESMTP id DmxB86fMVilI for <common-issues@hadoop.apache.org>;
	Thu, 23 Nov 2017 18:34:01 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTP id 324A35FB91
	for <common-issues@hadoop.apache.org>; Thu, 23 Nov 2017 18:34:01 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id A4D34E0140
	for <common-issues@hadoop.apache.org>; Thu, 23 Nov 2017 18:34:00 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 5910A241A0
	for <common-issues@hadoop.apache.org>; Thu, 23 Nov 2017 18:34:00 +0000 (UTC)
Date: Thu, 23 Nov 2017 18:34:00 +0000 (UTC)
From: "Steve Loughran (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.13078275.1496917718000.311594.1511462040358@Atlassian.JIRA>
In-Reply-To: <JIRA.13078275.1496917718000@Atlassian.JIRA>
References: <JIRA.13078275.1496917718000@Atlassian.JIRA> <JIRA.13078275.1496917718289@jira-lw-us.apache.org>
Subject: [jira] [Updated] (HADOOP-14507) extend per-bucket secret key config
 with explicit getPassword() on fs.s3a.$bucket.secret,key
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394
archived-at: Thu, 23 Nov 2017 18:34:05 -0000


     [ https://issues.apache.org/jira/browse/HADOOP-14507?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Steve Loughran updated HADOOP-14507:
------------------------------------
    Status: Open  (was: Patch Available)

> extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret,key
> --------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-14507
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14507
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 2.8.1
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>         Attachments: HADOOP-14507-001.patch, HADOOP-14507-002.patch, HADOOP-14507-003.patch, HADOOP-14507-004.patch
>
>
> Per-bucket jceks support turns out to be complex as you have to manage multiple jecks files & configure the client to ask for the right one. This is because we're calling {{Configuration.getPassword{"fs,s3a.secret.key"}}. 
> If before that, we do a check for the explict id, key, session key in the properties {{fs.s3a.$bucket.secret}} ( & c), we could have a single JCEKs file with all the secrets for different bucket. You would only need to explicitly point the base config to the secrets file, and the right credentials would be picked up, if set



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org