[
https://issues.apache.org/jira/browse/HADOOP-12807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran updated HADOOP-12807:
------------------------------------
Attachment: HADOOP-12807-branch-2-002.patch
Patch 002: this is patch 001 updated to apply against the current code
+added a quick paragraph to the docs, and highlit that the env vars don't
propagate to submitted jobs. Don't want to field support calls on that.
If Yetus is happy with this I'll commit it.
> S3AFileSystem should read AWS credentials from environment variables
> --------------------------------------------------------------------
>
> Key: HADOOP-12807
> URL: https://issues.apache.org/jira/browse/HADOOP-12807
> Project: Hadoop Common
> Issue Type: Improvement
> Components: fs/s3
> Affects Versions: 2.7.2
> Reporter: Tobin Baker
> Priority: Minor
> Attachments: HADOOP-12807-1.patch, HADOOP-12807-branch-2-002.patch
>
>
> Unlike the {{DefaultAWSCredentialsProviderChain}} in the AWS SDK, the
> {{AWSCredentialsProviderChain}} constructed by {{S3AFileSystem}} does not
> include an {{EnvironmentVariableCredentialsProvider}} instance. This prevents
> users from supplying AWS credentials in the environment variables
> {{AWS_ACCESS_KEY_ID}} and {{AWS_SECRET_ACCESS_KEY}}, which is the only
> alternative in some scenarios.
> In my scenario, I need to access S3 from within a test running in a CI
> environment that does not support IAM roles but does allow me to supply
> encrypted environment variables. Thus, the only secure approach I can use is
> to supply my AWS credentials in environment variables (plaintext
> configuration files are out of the question).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
