You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Bharat Viswanadham (Jira)" <ji...@apache.org> on 2020/07/22 18:23:00 UTC

[jira] [Updated] (HDDS-4006) S3 MPU not supported on encrypted buckets

     [ https://issues.apache.org/jira/browse/HDDS-4006?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bharat Viswanadham updated HDDS-4006:
-------------------------------------
    Description: 
With HDDS-3612 buckets created via ozone are also accessible via S3.
This has caused a problem when the bucket is encrypted, the keys are not encrypted on disk.

*2 Issues:*
1. On OM, for each part a new encryption info is generated. During complete Multipart upload, the encryption info is not stored in KeyInfo.
2. On the client, for part upload, the encryption info is silently ignored.

For 0.6.0 release, we can mark this as not supported, and this will be fixed in next release by HDDS-4005




  was:
With HDDS-3612 buckets created via ozone are also accessible via S3.
This has caused a problem when the bucket is encrypted, the keys are not encrypted on disk.

*2 Issues:*
1. On OM, for each part a new encryption info is generated. During complete Multipart upload, the encryption info is not stored in KeyInfo.
2. On the client, for part upload, the encryption info is silently ignored.





> S3 MPU not supported on encrypted buckets
> -----------------------------------------
>
>                 Key: HDDS-4006
>                 URL: https://issues.apache.org/jira/browse/HDDS-4006
>             Project: Hadoop Distributed Data Store
>          Issue Type: Bug
>            Reporter: Bharat Viswanadham
>            Priority: Major
>
> With HDDS-3612 buckets created via ozone are also accessible via S3.
> This has caused a problem when the bucket is encrypted, the keys are not encrypted on disk.
> *2 Issues:*
> 1. On OM, for each part a new encryption info is generated. During complete Multipart upload, the encryption info is not stored in KeyInfo.
> 2. On the client, for part upload, the encryption info is silently ignored.
> For 0.6.0 release, we can mark this as not supported, and this will be fixed in next release by HDDS-4005



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org