[jira] [Commented] (HADOOP-14749) review s3guard docs & code prior to merge

[Aaron Fabbri (JIRA)]

    [ 
https://issues.apache.org/jira/browse/HADOOP-14749?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16124000#comment-16124000
 ] 

Aaron Fabbri commented on HADOOP-14749:
---------------------------------------

Quick review of the v5 patch:

{noformat}
+### Security
+
+All users of the DynamoDB table must have write access to it. This
+effectively means they must have write access to the entire object store.
+
{noformat}

Couldn't you have an IAM role with write access to DynamoDB but only read 
access for the bucket?

{noformat}
  
 **Warning do not enable any type of failure injection in production.  The
-following settings are for test development only.**
-
-## Inconsistency Injection
{noformat}
No change needed to your patch here.. but my hope for the sub heading was that 
we will introduce other types of failure injection in the future.  We can 
re-add the main heading when we do.

{noformat}
-    // TODO
-    // 1. Add properties query to MetadataStore interface
-    // supportsAuthoritativeDirectories() or something.
-    // 2. Add "isNew" flag to MetadataStore.put(DirListingMetadata)
-    // 3. If #1 is true, assert that directory is still fully cached here.
-    // assertTrue("Created dir is fully cached", dirMeta.isAuthoritative());
-
+    // TODO HADOOP-1475 instrument MetadataStore for asserting & testing
{noformat}
 
Wrong JIRA # here.  Should be HADOOP-14756

I tweaked that JIRA a bit to capture my original intent here (things have 
changed a little).

So +1 after you fix the JIRA #, and consider clarifying bit about requiring 
write access to buckets.

> review s3guard docs & code prior to merge
> -----------------------------------------
>
>                 Key: HADOOP-14749
>                 URL: https://issues.apache.org/jira/browse/HADOOP-14749
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: documentation, fs/s3
>    Affects Versions: HADOOP-13345
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>         Attachments: HADOOP-14749-HADOOP-13345-001.patch, 
> HADOOP-14749-HADOOP-13345-002.patch, HADOOP-14749-HADOOP-13345-003.patch, 
> HADOOP-14749-HADOOP-13345-004.patch, HADOOP-14749-HADOOP-13345-005.patch
>
>   Original Estimate: 24h
>  Remaining Estimate: 24h
>
> Pre-merge cleanup while it's still easy to do
> * Read through all the docs, tune
> * Diff the trunk/branch files to see if we can reduce the delta (and hence 
> the changes)
> * Review the new tests



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org