[GitHub] [dolphinscheduler] 8431 opened a new issue, #11627: [Bug] [dolphinscheduler-common] When an application is deployed on the EC2 machine on AWS and S3 is operated, it will be rejected

Wed, 24 Aug 2022 00:42:56 -0700 


8431 opened a new issue, #11627:
URL: https://github.com/apache/dolphinscheduler/issues/11627

   ### Search before asking
   
   - [X] I had searched in the 
[issues](https://github.com/apache/dolphinscheduler/issues?q=is%3Aissue) and 
found no similar issues.
   
   
   ### What happened
   
   When you deploy an application on the EC2 machine of AWS to operate S3, it 
will be rejected
   
   AWS EC2 machine will not use key access because of security policy
   
![Screenshot2022_08_24_154117](https://user-images.githubusercontent.com/22486827/186360070-3ec8ac39-a9b4-4f46-a55a-c77ccba96425.jpg)
   
![Screenshot2022_08_24_154232](https://user-images.githubusercontent.com/22486827/186360352-cc6dccb1-5e29-4920-a3c4-ff33a6c8eb15.jpg)
   
   
   ### What you expected to happen
   
   When you deploy an application on the EC2 machine of AWS to operate S3, it 
will be rejected
   
   AWS EC2 machine will not use key access because of security policy
   
   Therefore, this problem can be compatible when building S3 client objects, 
so that EC2 machines in AWS can access S3
   Whether the code can be compatible with the above scenario
   `AWSCredentialsProvider provider = new AWSCredentialsProviderChain(
                       new EC2ContainerCredentialsProviderWrapper(),
                       new AWSStaticCredentialsProvider(new 
BasicAWSCredentials(ACCESS_KEY_ID, SECRET_KEY_ID)));`
   
   `private S3Utils() {
           if 
(PropertyUtils.getString(RESOURCE_STORAGE_TYPE).equals(STORAGE_S3)) {
               AWSCredentialsProvider provider = new 
AWSCredentialsProviderChain(
                       new EC2ContainerCredentialsProviderWrapper(),
                       new AWSStaticCredentialsProvider(new 
BasicAWSCredentials(ACCESS_KEY_ID, SECRET_KEY_ID)));
               if 
(!StringUtils.isEmpty(PropertyUtils.getString(AWS_END_POINT))) {
                   s3Client = AmazonS3ClientBuilder
                           .standard()
                           .withPathStyleAccessEnabled(true)
                           .withEndpointConfiguration(new 
AwsClientBuilder.EndpointConfiguration(PropertyUtils.getString(AWS_END_POINT), 
Regions.fromName(REGION).getName()))
                           .withCredentials(provider)
                           .build();
               } else {
                   s3Client = AmazonS3ClientBuilder
                           .standard()
                           .withCredentials(provider)
                           .withRegion(Regions.fromName(REGION))
                           .build();
               }
               checkBucketNameIfNotPresent(BUCKET_NAME);
           }
       }`
   
   ### How to reproduce
   
   Deploy the dolphin scheduler project to the EC2 machine of AWS and configure 
S3 information. Then go to the resource management interface to create a folder
   
   
   
   ### Anything else
   
   _No response_
   
   ### Version
   
   3.0.0
   
   ### Are you willing to submit PR?
   
   - [X] Yes I am willing to submit a PR!
   
   ### Code of Conduct
   
   - [X] I agree to follow this project's [Code of 
Conduct](https://www.apache.org/foundation/policies/conduct)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: 
[email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to