[
https://issues.apache.org/jira/browse/HADOOP-13863?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15749011#comment-15749011
]
Steve Loughran commented on HADOOP-13863:
-----------------------------------------
* Needs some docs, ideally a section in
{{hadoop-tools/hadoop-azure/src/site/markdown/index.md}}
* default values _MAY_ go into
{{hadoop-common-project/hadoop-common/src/main/resources/core-default.xml}}
* I'd like to have all exceptions subclass {{AzureException}} unless there's a
particularly compelling reason why not
I ran all the tests for this locally, they did complete but it did take a long
time. I should check to see if there's any different when run without this
patch.
{code}
Results :
Tests run: 646, Failures: 0, Errors: 0, Skipped: 8
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 29:23 min
[INFO] Finished at: 2016-12-14T17:58:13+00:00
{code}
> Hadoop - Azure: Add a new SAS key mode for WASB.
> ------------------------------------------------
>
> Key: HADOOP-13863
> URL: https://issues.apache.org/jira/browse/HADOOP-13863
> Project: Hadoop Common
> Issue Type: Improvement
> Components: azure, fs/azure
> Affects Versions: 2.8.0
> Reporter: Dushyanth
> Assignee: Dushyanth
> Attachments: HADOOP-13863.001.patch, HADOOP-13863.002.patch, WASB-SAS
> Key Mode-Design Proposal.pdf
>
>
> Current implementation of WASB, only supports Azure storage keys and SAS key
> being provided via org.apache.hadoop.conf.Configuration, which results in
> these secrets residing in the same address space as the WASB process and
> providing complete access to the Azure storage account and its containers.
> Added to the fact that WASB does not inherently support ACL's, WASB is its
> current implementation cannot be securely used for environments like secure
> hadoop cluster. This JIRA is created to add a new mode in WASB, which
> operates on Azure Storage SAS keys, which can provide fine grained timed
> access to containers and blobs, providing a segway into supporting WASB for
> secure hadoop cluster.
> More details about the issue and the proposal are provided in the design
> proposal document.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
