You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Sean Mackrory (JIRA)" <ji...@apache.org> on 2015/12/10 20:50:11 UTC

[jira] [Updated] (HADOOP-12537) s3a: Add flag for session ID to allow Amazon STS temporary credentials

     [ https://issues.apache.org/jira/browse/HADOOP-12537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sean Mackrory updated HADOOP-12537:
-----------------------------------
    Attachment: HADOOP-12537.002.patch

I believe this patch addresses all the feedback:

* Fixed the typo in TEST_STS_ENDPOINT
* Renamed checkSettings to setUp()
* TEST_STS_ENABLED is no longer a thing: using the file system contract instead
* Extending AbstractFSContractTestBase, and using ContractTestUtils
* Throwing IOException specifically, instead of the base Exception

Reran similar tests to last time, and also tested that the test is skipped if the contract doesn't support this.

One weird thing is that I just cannot get ContractOptions.ACCEPTS_TEMPORARY_CREDENTIALS in scope on my machine when running tests. It should be in scope, but the only way I can get the tests to pass when they should is by redefining ACCEPTS_TEMPORARY_CREDENTIALS in TestS3ATemporaryCredentials, which shouldn't be necessary. I worked with [~fabbri] and he was able to run the tests without the redefinition, so I'm not sure what's going on on my machine...

> s3a: Add flag for session ID to allow Amazon STS temporary credentials
> ----------------------------------------------------------------------
>
>                 Key: HADOOP-12537
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12537
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs/s3
>    Affects Versions: 2.7.1
>            Reporter: Sean Mackrory
>            Priority: Minor
>         Attachments: HADOOP-12537.001.patch, HADOOP-12537.002.patch, HADOOP-12537.diff, HADOOP-12537.diff
>
>
> Amazon STS allows you to issue temporary access key id / secret key pairs for your a user / role. However, using these credentials also requires specifying a session ID. There is currently no such configuration property or the required code to pass it through to the API (at least not that I can find) in any of the S3 connectors.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)