[ https://issues.apache.org/jira/browse/YARN-9039?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16694929#comment-16694929 ]
Bibin A Chundatt commented on YARN-9039: ---------------------------------------- Thank you [~suma.shivaprasad] for discussion. # We might have to fix LogAggregationHtmlBlock#checkAcls too. About solution for the problem, I was reading though S3 documentation. Can we make use of IAM folder and permission control. # Configure separate bucket for logaggregation.(remote log directory) # Following IAM configuration for nodemanager and JHS(Deletion service runs in JHS) https://aws.amazon.com/blogs/security/writing-iam-policies-how-to-grant-access-to-an-amazon-s3-bucket/ For individual users folder access control using. https://aws.amazon.com/blogs/security/writing-iam-policies-grant-access-to-user-specific-folders-in-an-amazon-s3-bucket/ Will this work ?? > App ACLs are not validated when serving logs from Logs CLI/Yarn UI2 > ------------------------------------------------------------------- > > Key: YARN-9039 > URL: https://issues.apache.org/jira/browse/YARN-9039 > Project: Hadoop YARN > Issue Type: Bug > Components: log-aggregation > Reporter: Suma Shivaprasad > Assignee: Suma Shivaprasad > Priority: Critical > Attachments: YARN-9039.1.patch, YARN-9039.2.patch > > > App Acls are not being validated when serving logs through YARN CLI. > This also applies while serving logs through YARN UIV2 through ATSV2 Log > Webservice -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org