You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "Dushyanth (JIRA)" <ji...@apache.org> on 2016/12/15 01:24:58 UTC

[jira] [Comment Edited] (HADOOP-13863) Azure: Add a new SAS key mode for WASB.

    [ https://issues.apache.org/jira/browse/HADOOP-13863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15750027#comment-15750027 ] 

Dushyanth edited comment on HADOOP-13863 at 12/15/16 1:23 AM:
--------------------------------------------------------------

Thanks [~stevel@apache.org] for the review.

1) I have added documentation to index.md file for the change.
2) These are azure specific configs name as "fs.zure.*" so not sure if it is a good idean to add them to hadoop-common.
3) I have modified the newly added  Exceptions to extend AzureException

The new patch also has support for the RemoteSASKeyGenerationImpl.


was (Author: dchickabasapa):
Thanks [~stevel@apache.org] for the review.

1) I have added documentation to index.md file for the change.
2) These are azure specific configs name as "fs.zure.*" so not sure if it is a good idean to add them to hadoop-common.
3) I have modified the newly added  Exceptions to extend AzureException

> Azure: Add a new SAS key mode for WASB.
> ---------------------------------------
>
>                 Key: HADOOP-13863
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13863
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: azure, fs/azure
>    Affects Versions: 2.8.0
>            Reporter: Dushyanth
>            Assignee: Dushyanth
>         Attachments: HADOOP-13863.001.patch, HADOOP-13863.002.patch, HADOOP-13863.003.patch, Proposal-Document.pdf
>
>
> Current implementation of WASB, only supports Azure storage keys and SAS key being provided via org.apache.hadoop.conf.Configuration, which results in these secrets residing in the same address space as the WASB process and providing complete access to the Azure storage account and its containers. Added to the fact that WASB does not inherently support ACL's, WASB is its current implementation cannot be securely used for environments like secure hadoop cluster. This JIRA is created to add a new mode in WASB, which operates on Azure Storage SAS keys, which can provide fine grained timed access to containers and blobs, providing a segway into supporting WASB for secure hadoop cluster.
> More details about the issue and the proposal are provided in the design proposal document.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org