I need to revert
HADOOP-14135 "Remove URI parameter in AWSCredentialProvider constructors", as knowing the bucket in use is needed for
these providers need the URI as it needs to it to decide which keys to scan for/what token to look up.
I know we pulled it out to allow us to talk to DDB without needing a FS URI, but for these specific cases, it is needed —we just won't be able to use the specific auth providers to talk to AWS except to an S3 bucket.
Rather than just revert the patch, I propose waiting for s3guard phase I to be merged in to trunk, then do it, with the JCEKS auth mech being set up to skip looking for a per-bucket secret and key if it doesn't know its bucket name.