We should test EZs with KMS.
hadoop-kms is not being published to maven
KMS: KeyAuthorizationKeyProvider should verify the keyversion belongs to the keyname on decrypt
KMSClientProvider should use getAuthenticationMethod() to determine if in proxyuser mode or not
Create MiniKMS for testing
KMSClientProvider should drain the local generated EEK cache on key rollover