maytasm3 edited a comment on issue #9305: Add support for optional cloud (aws, gcs, etc.) credentials for s3 for ingestion URL: https://github.com/apache/druid/issues/9305#issuecomment-584492229 @jihoonson Sorry for the confusion around passwordProvider. I think we can reuse the existing Password Providers we have for now (no need to implement new ones). We will treat the accessKeyId as one Password Provider and the secretAccessKey as another Password Provider. Similar to how AWSCredentialsConfig (where you define a separate Password Providers for the .accessKey and the .secretKey). For example if user decide to use plain text: ``` "inputSource": { "type": "s3", "prefixes": ["s3://foo/bar", "s3://bar/foo"], "properties": { "accessKeyId": { "type": "default", "password": "abcdef" }, "secretAccessKey": { "type": "default", "password": "asdasdadsasd" }, } } ``` Or they can use Environment variable password provider: ``` "inputSource": { "type": "s3", "prefixes": ["s3://foo/bar", "s3://bar/foo"], "properties": { "accessKeyId": { "type": "environment", "variable": "<ENV.KEY.NAME.CONTAINING.ACCESS.KEY>" }, "secretAccessKey": { "type": "environment", "variable": "<ENV.KEY.NAME.CONTAINING.SECRET.ACCESS.KEY>" }, } } ``` Or they can have a mix (which will even be more beneficial when we have file path password provider and encrypt password provider): ``` "inputSource": { "type": "s3", "prefixes": ["s3://foo/bar", "s3://bar/foo"], "properties": { "accessKeyId": { "type": "default", "variable": "asdasdasdasd" }, "secretAccessKey": { "type": "environment", "variable": "<ENV.KEY.NAME.CONTAINING.SECRET.ACCESS.KEY>" }, } } ``` I think it's better to separate out the access key and secret key using separate password provider so user can be more flexible in choosing which password provider they want to use (if any at all)
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
