Michael Johnson created HADOOP-19938:
----------------------------------------
Summary: S3A multipart upload fails at CompleteMultipartUpload
when SSE-C encryption is enabled
Key: HADOOP-19938
URL: https://issues.apache.org/jira/browse/HADOOP-19938
Project: Hadoop Common
Issue Type: Sub-task
Components: fs/s3
Affects Versions: 2.9.0, 3.0.0, 3.1.0
Environment: Hadoop 3.1 Snapshot
Reporter: Michael Johnson
Assignee: Anis Elleuch
Fix For: 3.1.0, 2.10.0, 3.0.3
When I enable SSE-C encryption in Hadoop 3.1 and set fs.s3a.multipart.size to
5 Mb, storing data in AWS doesn't work anymore. For example, running the
following code:
{code}
>>> df1 = spark.read.json('/home/user/people.json')
>>> df1.write.mode("overwrite").json("s3a://testbucket/people.json")
{code}
shows the following exception:
{code:java}
com.amazonaws.services.s3.model.AmazonS3Exception: The multipart upload
initiate requested encryption. Subsequent part requests must include the
appropriate encryption parameters.
{code}
After some investigation, I discovered that hadoop-aws doesn't send SSE-C
headers in Put Object Part as stated in AWS specification:
[https://docs.aws.amazon.com/AmazonS3/latest/API/mpUploadUploadPart.html]
{code:java}
If you requested server-side encryption using a customer-provided encryption
key in your initiate multipart upload request, you must provide identical
encryption information in each part upload using the following headers.
{code}
You can find a patch attached to this issue for a better clarification of the
problem.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]