[jira] [Updated] (HADOOP-14723) reinstate URI parameter in AWSCredentialProvider constructors
[ https://issues.apache.org/jira/browse/HADOOP-14723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steve Loughran updated HADOOP-14723: Parent Issue: HADOOP-14831 (was: HADOOP-13204) > reinstate URI parameter in AWSCredentialProvider constructors > - > > Key: HADOOP-14723 > URL: https://issues.apache.org/jira/browse/HADOOP-14723 > Project: Hadoop Common > Issue Type: Sub-task > Components: fs/s3 >Affects Versions: 2.9.0 >Reporter: Steve Loughran >Assignee: Steve Loughran > > I need to revert HADOOP-14135 "Remove URI parameter in AWSCredentialProvider > constructors", as knowing the bucket in use is needed for > * HADOOP-14507: per bucket secrets in JCEKS files > * HADOOP-14556: delegation tokens in S3A > these providers need the URI as it needs to it to decide which keys to scan > for/what token to look up. > I know we pulled it out to allow us to talk to DDB without needing a FS URI, > but for these specific cases, it is needed —we just won't be able to use the > specific auth providers to talk to AWS except to an S3 bucket. > Rather than just revert the patch, I propose waiting for s3guard phase I to > be merged in to trunk, then do it, with the JCEKS auth mech being set up to > skip looking for a per-bucket secret and key if it doesn't know its bucket > name. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Updated] (HADOOP-14723) reinstate URI parameter in AWSCredentialProvider constructors
[ https://issues.apache.org/jira/browse/HADOOP-14723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Arun Suresh updated HADOOP-14723: - Target Version/s: 3.1.0 (was: 2.9.0, 3.0.0) > reinstate URI parameter in AWSCredentialProvider constructors > - > > Key: HADOOP-14723 > URL: https://issues.apache.org/jira/browse/HADOOP-14723 > Project: Hadoop Common > Issue Type: Sub-task > Components: fs/s3 >Affects Versions: 2.9.0 >Reporter: Steve Loughran >Assignee: Steve Loughran > > I need to revert HADOOP-14135 "Remove URI parameter in AWSCredentialProvider > constructors", as knowing the bucket in use is needed for > * HADOOP-14507: per bucket secrets in JCEKS files > * HADOOP-14556: delegation tokens in S3A > these providers need the URI as it needs to it to decide which keys to scan > for/what token to look up. > I know we pulled it out to allow us to talk to DDB without needing a FS URI, > but for these specific cases, it is needed —we just won't be able to use the > specific auth providers to talk to AWS except to an S3 bucket. > Rather than just revert the patch, I propose waiting for s3guard phase I to > be merged in to trunk, then do it, with the JCEKS auth mech being set up to > skip looking for a per-bucket secret and key if it doesn't know its bucket > name. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org
[jira] [Updated] (HADOOP-14723) reinstate URI parameter in AWSCredentialProvider constructors
[ https://issues.apache.org/jira/browse/HADOOP-14723?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steve Loughran updated HADOOP-14723: Target Version/s: 2.9.0, 3.0.0-beta1 > reinstate URI parameter in AWSCredentialProvider constructors > - > > Key: HADOOP-14723 > URL: https://issues.apache.org/jira/browse/HADOOP-14723 > Project: Hadoop Common > Issue Type: Sub-task > Components: fs/s3 >Affects Versions: 2.9.0 >Reporter: Steve Loughran >Assignee: Steve Loughran > > I need to revert HADOOP-14135 "Remove URI parameter in AWSCredentialProvider > constructors", as knowing the bucket in use is needed for > * HADOOP-14507: per bucket secrets in JCEKS files > * HADOOP-14556: delegation tokens in S3A > these providers need the URI as it needs to it to decide which keys to scan > for/what token to look up. > I know we pulled it out to allow us to talk to DDB without needing a FS URI, > but for these specific cases, it is needed —we just won't be able to use the > specific auth providers to talk to AWS except to an S3 bucket. > Rather than just revert the patch, I propose waiting for s3guard phase I to > be merged in to trunk, then do it, with the JCEKS auth mech being set up to > skip looking for a per-bucket secret and key if it doesn't know its bucket > name. -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org