[HADOOP-14324] Refine S3 server-side-encryption key as encryption secret; improve error reporting and diagnostics - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 2.9.0
Fix Version/s: 2.9.0, 3.0.0-alpha4
Component/s: fs/s3
Labels:
None

Target Version/s:

2.9.0
Hadoop Flags:

Reviewed

Description

Before this ships, can we rename fs.s3a.server-side-encryption-key to fs.s3a.server-side-encryption.key.

This makes it consistent with all other .key secrets in S3A. so

simplifies documentation
reduces confusion "is it a - or a ."? This confusion is going to surface in config and support

I know that CDH is shipping with the old key, but it'll be easy for them to add a deprecation property to handle the migration. I do at least what the ASF release to be stable before it ships.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-14324-branch-2-001.patch
19/Apr/17 14:50
9 kB
Steve Loughran
HADOOP-14324-branch-2-002.patch
20/Apr/17 06:43
9 kB
John Zhuge
HADOOP-14324-branch-2-003.patch
20/Apr/17 20:22
26 kB
Steve Loughran
HADOOP-14324-trunk-003.patch
21/Apr/17 00:18
27 kB
Mingliang Liu

Issue Links

breaks

HADOOP-15091 S3aUtils.getEncryptionAlgorithm() always logs@Debug "Using SSE-C"

Resolved

depends upon

HADOOP-13075 Add support for SSE-KMS and SSE-C in s3a filesystem

Resolved

is depended upon by

HADOOP-14243 Add S3A sensitive config keys to default list

Resolved

is related to

HADOOP-14507 extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret.key

Resolved

Activity

People

Assignee:: Steve Loughran

Reporter:: Steve Loughran

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 19/Apr/17 11:48

Updated:: 13/Sep/21 12:52

Resolved:: 21/Apr/17 00:20