[ https://issues.apache.org/jira/browse/HADOOP-12537?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15311279#comment-15311279 ]
Sean Mackrory commented on HADOOP-12537: ---------------------------------------- It looks to me like you can append to the session token and it will still work - it must just be parsing what it expects and not looking at the rest. I can make the test fail by prepending, or simply setting the empty string as the session token. As soon as I append to an otherwise valid session token, the test fails because the S3 access still works. I thought I also observed behavior where authorization seemed to be cached for a short period of time, but I have been misinterpreting the behavior I just described. Going to run through a few more tweaks of the test case to ensure this is not the case. > s3a: Add flag for session ID to allow Amazon STS temporary credentials > ---------------------------------------------------------------------- > > Key: HADOOP-12537 > URL: https://issues.apache.org/jira/browse/HADOOP-12537 > Project: Hadoop Common > Issue Type: New Feature > Components: fs/s3 > Affects Versions: 2.7.1 > Reporter: Sean Mackrory > Assignee: Sean Mackrory > Priority: Minor > Attachments: HADOOP-12537-branch-2.005.patch, HADOOP-12537.001.patch, > HADOOP-12537.002.patch, HADOOP-12537.003.patch, HADOOP-12537.004.patch, > HADOOP-12537.diff, HADOOP-12537.diff > > > Amazon STS allows you to issue temporary access key id / secret key pairs for > your a user / role. However, using these credentials also requires specifying > a session ID. There is currently no such configuration property or the > required code to pass it through to the API (at least not that I can find) in > any of the S3 connectors. -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org