[
https://issues.apache.org/jira/browse/HADOOP-15141?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16320338#comment-16320338
]
Steve Loughran commented on HADOOP-15141:
-----------------------------------------
* I wasn't worried about line length as its only a hint, and was cleaner to
leave @ 83-84 chars than split. wontfix there, I'm afraid
* will review the docs again
* w.r.t the deprecation, yeah. AWS have changed that SDK in a way which makes
it a bit more painful to use. I'l see what I can do there, in particular, make
it a bit easier to support assumed roles via web identity/SAML, which aren't
things I'm currently looking at, but would round it out (though there's still
the issue of "how to pass federation/Oauth secrets around", so it's not
seamless)
> Support IAM Assumed roles in S3A
> --------------------------------
>
> Key: HADOOP-15141
> URL: https://issues.apache.org/jira/browse/HADOOP-15141
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Affects Versions: 3.0.0
> Reporter: Steve Loughran
> Assignee: Steve Loughran
> Attachments: HADOOP-15141-001.patch, HADOOP-15141-002.patch,
> HADOOP-15141-003.patch, HADOOP-15141-004.patch
>
>
> Add the ability to use assumed roles in S3A
> * Add a property fs.s3a.assumed.role.arn for the ARN of the assumed role
> * add a new provider which grabs that and other properties and then creates a
> {{STSAssumeRoleSessionCredentialsProvider}} from it.
> * This also needs to support building up its own list of aws credential
> providers, from a different property; make the changes to S3AUtils for that
> * Tests
> * docs
> * and have the AwsProviderList forward closeable to it.
> * Get picked up automatically by DDB/s3guard
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
