You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by st...@apache.org on 2022/05/16 16:48:22 UTC
[hadoop] branch branch-3.3 updated: HADOOP-18234. Fix s3a access point xml examples (#4309)
This is an automated email from the ASF dual-hosted git repository.
stevel pushed a commit to branch branch-3.3
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/branch-3.3 by this push:
new c2071947f85 HADOOP-18234. Fix s3a access point xml examples (#4309)
c2071947f85 is described below
commit c2071947f85685126a3acce738bce23606d7690b
Author: Ashutosh Gupta <as...@st.niituniversity.in>
AuthorDate: Mon May 16 17:47:14 2022 +0100
HADOOP-18234. Fix s3a access point xml examples (#4309)
Contributed by Ashutosh Gupta
Change-Id: Ib99a4c7113d60690c1301d80cd5c27a43c463db0
---
.../src/site/markdown/tools/hadoop-aws/index.md | 16 +++-------------
1 file changed, 3 insertions(+), 13 deletions(-)
diff --git a/hadoop-tools/hadoop-aws/src/site/markdown/tools/hadoop-aws/index.md b/hadoop-tools/hadoop-aws/src/site/markdown/tools/hadoop-aws/index.md
index 146946dda2d..12cfcf984da 100644
--- a/hadoop-tools/hadoop-aws/src/site/markdown/tools/hadoop-aws/index.md
+++ b/hadoop-tools/hadoop-aws/src/site/markdown/tools/hadoop-aws/index.md
@@ -1592,7 +1592,7 @@ Accessing data through an access point, is done by using its ARN, as opposed to
You can set the Access Point ARN property using the following per bucket configuration property:
```xml
<property>
- <name>fs.s3a.sample-bucket.accesspoint.arn</name>
+ <name>fs.s3a.bucket.sample-bucket.accesspoint.arn</name>
<value> {ACCESSPOINT_ARN_HERE} </value>
<description>Configure S3a traffic to use this AccessPoint</description>
</property>
@@ -1602,21 +1602,11 @@ This configures access to the `sample-bucket` bucket for S3A, to go through the
new Access Point ARN. So, for example `s3a://sample-bucket/key` will now use your
configured ARN when getting data from S3 instead of your bucket.
-You can also use an Access Point name as a path URI such as `s3a://finance-team-access/key`, by
-configuring the `.accesspoint.arn` property as a per-bucket override:
-```xml
-<property>
- <name>fs.s3a.finance-team-access.accesspoint.arn</name>
- <value> {ACCESSPOINT_ARN_HERE} </value>
- <description>Configure S3a traffic to use this AccessPoint</description>
-</property>
-```
-
The `fs.s3a.accesspoint.required` property can also require all access to S3 to go through Access
Points. This has the advantage of increasing security inside a VPN / VPC as you only allow access
to known sources of data defined through Access Points. In case there is a need to access a bucket
directly (without Access Points) then you can use per bucket overrides to disable this setting on a
-bucket by bucket basis i.e. `fs.s3a.{YOUR-BUCKET}.accesspoint.required`.
+bucket by bucket basis i.e. `fs.s3a.bucket.{YOUR-BUCKET}.accesspoint.required`.
```xml
<!-- Require access point only access -->
@@ -1626,7 +1616,7 @@ bucket by bucket basis i.e. `fs.s3a.{YOUR-BUCKET}.accesspoint.required`.
</property>
<!-- Disable it on a per-bucket basis if needed -->
<property>
- <name>fs.s3a.example-bucket.accesspoint.required</name>
+ <name>fs.s3a.bucket.example-bucket.accesspoint.required</name>
<value>false</value>
</property>
```
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org