[HADOOP-14723] reinstate URI parameter in AWSCredentialProvider constructors - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Resolved
Priority: Major
Resolution: Duplicate
Affects Version/s: 2.9.0
Fix Version/s: None
Component/s: fs/s3
Labels:
None

Target Version/s:

3.1.0

Description

I need to revert ~~HADOOP-14135~~ "Remove URI parameter in AWSCredentialProvider constructors", as knowing the bucket in use is needed for

~~HADOOP-14507~~: per bucket secrets in JCEKS files
~~HADOOP-14556~~: delegation tokens in S3A

these providers need the URI as it needs to it to decide which keys to scan for/what token to look up.

I know we pulled it out to allow us to talk to DDB without needing a FS URI, but for these specific cases, it is needed —we just won't be able to use the specific auth providers to talk to AWS except to an S3 bucket.

Rather than just revert the patch, I propose waiting for s3guard phase I to be merged in to trunk, then do it, with the JCEKS auth mech being set up to skip looking for a per-bucket secret and key if it doesn't know its bucket name.

Attachments

Issue Links

is broken by

HADOOP-14135 Remove URI parameter in AWSCredentialProvider constructors

Resolved

Is contained by

HADOOP-14507 extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret.key

Resolved

is depended upon by

HADOOP-14507 extend per-bucket secret key config with explicit getPassword() on fs.s3a.$bucket.secret.key

Resolved

HADOOP-14556 S3A to support Delegation Tokens

Resolved

Activity

People

Assignee:: Steve Loughran

Reporter:: Steve Loughran

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 02/Aug/17 12:31

Updated:: 15/Nov/17 20:14

Resolved:: 15/Nov/17 20:14