hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Loughran (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-15176) Enhance IAM assumed role support in S3A client
Date Thu, 15 Feb 2018 14:37:00 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-15176?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16365630#comment-16365630
] 

Steve Loughran commented on HADOOP-15176:
-----------------------------------------

bq. For me? Michael Jackson, when I was really young and Thriller came out. I digress.

you know, I didn't even see that when I wrote it. I'll leave it in for your amusement: you
can practise your moves during test runs


bq, Minor compatibility issue here to call out for existing configs

Never shipped. I just think that the root package is getting too big, so I want to put all
new auth stuff into s3.auth, and misc extensions under s3a.ext. And if you haven't noticed,
I've claimed org.apache.fs.store in hadoop-common for object store stuff to be shared cross
connectors, which is a goal I have. There's been too much historical copy and paste, and we
are suffering now that there are 6 connectors in our own codebase.

bq. This is where we catch AccessDeniedException in delete(). Shouldn't the error message
say "access denied" so folks know why, without having to use debug level logging?

will do.

I'll apply the change, do a full retest, then commit. thanks for the revie.

> Enhance IAM assumed role support in S3A client
> ----------------------------------------------
>
>                 Key: HADOOP-15176
>                 URL: https://issues.apache.org/jira/browse/HADOOP-15176
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3, test
>    Affects Versions: 3.1.0
>         Environment: 
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Blocker
>         Attachments: HADOOP-15176-001.patch, HADOOP-15176-002.patch, HADOOP-15176-003.patch,
HADOOP-15176-004.patch
>
>
> Followup HADOOP-15141 with
> * Code to generate basic AWS json policies somewhat declaratively (no hand coded strings)
> * Tests to simulate users with different permissions down the path of a single bucket
> * test-driven changes to S3A client to handle user without full write up the FS tree
> * move the new authenticator into the s3a sub-package "auth", where we can put more auth
stuff (that base s3a package is getting way too big)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org


Mime
View raw message