[jira] [Commented] (HADOOP-19587) S3A Analytics-Accelerator: Add support SSE-C

[ASF GitHub Bot (Jira)]

    [ 
https://issues.apache.org/jira/browse/HADOOP-19587?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18043635#comment-18043635
 ] 

ASF GitHub Bot commented on HADOOP-19587:
-----------------------------------------

rajdchak opened a new pull request, #7738:
URL: https://github.com/apache/hadoop/pull/7738

   <!--
     Thanks for sending a pull request!
       1. If this is your first time, please read our contributor guidelines: 
https://cwiki.apache.org/confluence/display/HADOOP/How+To+Contribute
       2. Make sure your PR title starts with JIRA issue id, e.g., 
'HADOOP-17799. Your PR title ...'.
   -->
   
   ### Description of PR
   
   This PR is for the integration of S3A with SSE_C support introduced in 
Analytics Accelerator library.
   
   
   ### How was this patch tested?
   Ran all the integrations tests in hadoop-aws on EC2 instance. 
   
   Setup:
   Created personal bucket in us-west-2 region. Ran the integrations tests in 
hadoop-aws with the configs mainly enabling Analytics stream and SSEC 
encryption.
   ```
   <configuration>
       <property>
           <name>test.fs.s3a.name</name>
           <value>s3a://rajdchak-s3a-integration/</value>
       </property>
   
       <property>
           <name>fs.contract.test.fs.s3a</name>
           <value>${test.fs.s3a.name}</value>
       </property>
   
       <property>
           <name>fs.s3a.endpoint.region</name>
           <value>us-west-2</value>
       </property>
   
       <property>
           <name>fs.s3a.access.key</name>
           <description>AWS access key ID. Omit for IAM role-based 
authentication.</description>
           <value> </value>
       </property>
   
       <property>
           <name>fs.s3a.secret.key</name>
           <description>AWS secret key. Omit for IAM role-based 
authentication.</description>
           <value> </value>
       </property>
   
       <property>
           <name>fs.s3a.session.token</name>
           <value>
              
           </value>
       </property>
   
       <property>
           <name>fs.s3a.aws.credentials.provider</name>
           <value>
               org.apache.hadoop.fs.s3a.TemporaryAWSCredentialsProvider
           </value>
       </property>
   
       <property>
           <name>fs.s3a.scale.test.enabled</name>
           <value>true</value>
       </property>
   
       <property>
           <name>fs.s3a.input.stream.type</name>
           <value>analytics</value>
       </property>
   
       <property>
           <name>fs.s3a.encryption.algorithm</name>
           <description>Specify a server-side encryption or client-side
               encryption algorithm for s3a: file system. Unset by default. It 
supports the
               following values: 'AES256' (for SSE-S3), 'SSE-KMS', 'SSE-C', and 
'CSE-KMS'
           </description>
           <value>SSE-C</value>
       </property>
   
       <property>
           <name>fs.s3a.encryption.key</name>
           <description>Specific encryption key to use if 
fs.s3a.encryption.algorithm
               has been set to 'SSE-KMS', 'SSE-C' or 'CSE-KMS'. In the case of 
SSE-C
               , the value of this property should be the Base64 encoded key. 
If you are
               using SSE-KMS and leave this property empty, you'll be using 
your default's
               S3 KMS key, otherwise you should set this property to the 
specific KMS key
               id. In case of 'CSE-KMS' this value needs to be the AWS-KMS Key 
ID
               generated from AWS console.
           </description>
           <value>AO8XKQXJgtIS9G+IrSWZ2eSNW1yJlvqElVoVcNlvDqE=</value>
       </property>
   
   
   </configuration>
   ```
   
   However unrelated to these changes whenever we enabled SSE_C there are 
multiple tests which fail with Bad Request exception as they are running on 
public buckets like ```noaa-cors-pds```. We should take an action item to 
disable those tests if SSE_C is enabled. Created an issue for this error 
https://issues.apache.org/jira/browse/HADOOP-19590 .
   
   ### For code changes:
   
   - [x] Does the title or this PR starts with the corresponding JIRA issue id 
(e.g. 'HADOOP-17799. Your PR title ...')?
   - [x] Object storage: have the integration tests been executed and the 
endpoint declared according to the connector-specific documentation?
   - [ ] If adding new dependencies to the code, are these dependencies 
licensed in a way that is compatible for inclusion under [ASF 
2.0](http://www.apache.org/legal/resolved.html#category-a)?
   - [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`, 
`NOTICE-binary` files?
   
   




> S3A Analytics-Accelerator: Add support SSE-C
> --------------------------------------------
>
>                 Key: HADOOP-19587
>                 URL: https://issues.apache.org/jira/browse/HADOOP-19587
>             Project: Hadoop Common
>          Issue Type: Sub-task
>            Reporter: Ahmar Suhail
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.5.0, 3.4.3
>
>
> Pass down SSE-C key to AAL so it can be attached while making the GET request.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org