Michael Johnson created HADOOP-19938:
----------------------------------------

             Summary: S3A multipart upload fails at CompleteMultipartUpload 
when SSE-C encryption is enabled
                 Key: HADOOP-19938
                 URL: https://issues.apache.org/jira/browse/HADOOP-19938
             Project: Hadoop Common
          Issue Type: Sub-task
          Components: fs/s3
    Affects Versions: 2.9.0, 3.0.0, 3.1.0
         Environment: Hadoop 3.1 Snapshot
            Reporter: Michael Johnson
            Assignee: Anis Elleuch
             Fix For: 3.1.0, 2.10.0, 3.0.3


When I enable SSE-C encryption in Hadoop 3.1 and set  fs.s3a.multipart.size to 
5 Mb, storing data in AWS doesn't work anymore. For example, running the 
following code:
{code}
>>> df1 = spark.read.json('/home/user/people.json')
>>> df1.write.mode("overwrite").json("s3a://testbucket/people.json")
{code}
shows the following exception:
{code:java}
com.amazonaws.services.s3.model.AmazonS3Exception: The multipart upload 
initiate requested encryption. Subsequent part requests must include the 
appropriate encryption parameters.
{code}

After some investigation, I discovered that hadoop-aws doesn't send SSE-C 
headers in Put Object Part as stated in AWS specification: 
[https://docs.aws.amazon.com/AmazonS3/latest/API/mpUploadUploadPart.html]
{code:java}
If you requested server-side encryption using a customer-provided encryption 
key in your initiate multipart upload request, you must provide identical 
encryption information in each part upload using the following headers.
{code}
 
You can find a patch attached to this issue for a better clarification of the 
problem.





--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to