[ https://issues.apache.org/jira/browse/HADOOP-13075?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15856321#comment-15856321 ]
Sean Mackrory commented on HADOOP-13075: ---------------------------------------- Can we gracefully skip the SSE-KMS tests when it is not configured? As it is right now, if you run these tests with a configuration that currently works on trunk or with SEE-C configured, a bunch of tests will fail. Things ought to work as best they can with the minimal configuration, and if people configure additional things, fewer tests get skipped. Other than that it's looking pretty good in tests. I've tested in the US and Frankfurt. ITestS3AAWSCredentialsProvider.testAnonymousProvider fails any time you specify a region other than it expects (us-west-2, I think), which is definitely not related. I've had a couple of transient failures in the scale tests against Frankfurt, where operations are failing with 400 Bad Request, but it's not all the time, so my guess would be it's not related to a change in encryption. Gonna keep rerunning a bit to see if I can discern any other pattern there... > Add support for SSE-KMS and SSE-C in s3a filesystem > --------------------------------------------------- > > Key: HADOOP-13075 > URL: https://issues.apache.org/jira/browse/HADOOP-13075 > Project: Hadoop Common > Issue Type: Sub-task > Components: fs/s3 > Affects Versions: 2.8.0 > Reporter: Andrew Olson > Assignee: Steve Moist > Attachments: HADOOP-13075-001.patch, HADOOP-13075-002.patch > > > S3 provides 3 types of server-side encryption [1], > * SSE-S3 (Amazon S3-Managed Keys) [2] > * SSE-KMS (AWS KMS-Managed Keys) [3] > * SSE-C (Customer-Provided Keys) [4] > Of which the S3AFileSystem in hadoop-aws only supports opting into SSE-S3 > (HADOOP-10568) -- the underlying aws-java-sdk makes that very simple [5]. > With native support in aws-java-sdk already available it should be fairly > straightforward [6],[7] to support the other two types of SSE with some > additional fs.s3a configuration properties. > [1] http://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html > [2] > http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html > [3] http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html > [4] > http://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html > [5] http://docs.aws.amazon.com/AmazonS3/latest/dev/SSEUsingJavaSDK.html > [6] > http://docs.aws.amazon.com/AmazonS3/latest/dev/kms-using-sdks.html#kms-using-sdks-java > [7] http://docs.aws.amazon.com/AmazonS3/latest/dev/sse-c-using-java-sdk.html -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org