[ https://issues.apache.org/jira/browse/HADOOP-12548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15145729#comment-15145729 ]
Larry McCay commented on HADOOP-12548: -------------------------------------- While looking at the docs for S3A, I notice: 1. There is nothing in the existing docs for the added use of the credential providers in S3 and S3N that already existed. I could add that as well. Though there are semantic differences in the processing order of precedence between what I just added in S3A and the existing functionality there. If those filesystems are being deprecated or used less maybe we shouldn't add anything there? 2. There is a proxyPassword parameter as well that we could also protect use credential providers. I don't think that I would want to hold up this patch for it but would be willing to file a new JIRA to add that support as well - if we want that. Currently it seems that the proxyPassword is in the config in clear text. {quote} String proxyUsername = conf.getTrimmed(PROXY_USERNAME); String proxyPassword = conf.getTrimmed(PROXY_PASSWORD); if ((proxyUsername == null) != (proxyPassword == null)) { String msg = "Proxy error: " + PROXY_USERNAME + " or " + PROXY_PASSWORD + " set without the other."; LOG.error(msg); throw new IllegalArgumentException(msg); } {quote} I will add the docs for S3A use of credential providers in HADOOP-11031 and get a patch ready for review there next. Just let me know about #2 above. > read s3 creds from a Credential Provider > ---------------------------------------- > > Key: HADOOP-12548 > URL: https://issues.apache.org/jira/browse/HADOOP-12548 > Project: Hadoop Common > Issue Type: New Feature > Components: fs/s3 > Reporter: Allen Wittenauer > Assignee: Larry McCay > Attachments: CredentialProviderAPIforS3FS-002.pdf, > HADOOP-12548-01.patch, HADOOP-12548-02.patch, HADOOP-12548-03.patch, > HADOOP-12548-04.patch, HADOOP-12548-05.patch, HADOOP-12548-06.patch, > HADOOP-12548-07.patch > > > It would be good if we could read s3 creds from a source other than via a > java property/Hadoop configuration option -- This message was sent by Atlassian JIRA (v6.3.4#6332)