You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by "Steve Loughran (JIRA)" <ji...@apache.org> on 2017/08/02 12:32:01 UTC

[jira] [Created] (HADOOP-14723) reinstate URI parameter in AWSCredentialProvider constructors

Steve Loughran created HADOOP-14723:
---------------------------------------

             Summary: reinstate URI parameter in AWSCredentialProvider constructors
                 Key: HADOOP-14723
                 URL: https://issues.apache.org/jira/browse/HADOOP-14723
             Project: Hadoop Common
          Issue Type: Sub-task
          Components: fs/s3
    Affects Versions: 2.9.0
            Reporter: Steve Loughran
            Assignee: Steve Loughran


I need to revert HADOOP-14135 "Remove URI parameter in AWSCredentialProvider constructors", as knowing the bucket in use is needed for

* HADOOP-14507: per bucket secrets in JCEKS files
* HADOOP-14556: delegation tokens in S3A

these providers need the URI as it needs to it to decide which keys to scan for/what token to look up.

I know we pulled it out to allow us to talk to DDB without needing a FS URI, but for these specific cases, it is needed —we just won't be able to use the specific auth providers to talk to AWS except to an S3 bucket. 

Rather than just revert the patch, I propose waiting for s3guard phase I to be merged in to trunk, then do it, with the JCEKS auth mech being set up to skip looking for a per-bucket secret and key if it doesn't know its bucket name.




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org