xiaoyuyao commented on a change in pull request #767: HDDS-1462. Fix content and format of Ozone documentation URL: https://github.com/apache/hadoop/pull/767#discussion_r279529735
########## File path: hadoop-hdds/docs/content/S3.md ########## @@ -83,16 +83,37 @@ Endpoint | Status | Notes ------------------------------------|-----------------|--------------- PUT Object | implemented | GET Object | implemented | Range headers are not supported -Multipart Uplad | not implemented | +Multipart Uplad | implemented |Except the listing of the current MultiPartUploads. DELETE Object | implemented | HEAD Object | implemented | ## Security -Security is not yet implemented, you can *use* any AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY +If security is not enabled, you can *use* **any** AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY -Note: Ozone has a notion for 'volumes' which is missing from the S3 Rest endpoint. Under the hood S3 bucket names are mapped to Ozone 'volume/bucket' locations (depending on the given authentication information). +If security is enabled, you can get the key and the secret with the `ozone s3 getsecret` command (*kerberos based authentication is required). + +``` +/etc/security/keytabs/testuser.keytab testuser/[email protected] +ozone s3 getsecret +awsAccessKey=testuser/[email protected] +awsSecret=c261b6ecabf7d37d5f9ded654b1c724adac9bd9f13e247a235e567e8296d2999 + +``` + +Now, you can use the key and the secret to access the S3 endpoint: + +``` +export AWS_ACCESS_KEY_ID=testuser/[email protected] +export AWS_SECRET_ACCESS_KEY=c261b6ecabf7d37d5f9ded654b1c724adac9bd9f13e247a235e567e8296d2999 +aws s3api --endpoint http://localhost:9878 create-bucket --bucket bucket1 Review comment: we may change this to use aws s3api like below: aws configure set default.s3.signature_version s3v4 aws configure set region us-west-1 aws configure set aws_access_key_id testuser/[email protected] aws configure set aws_secret_access_key 95fdf9ada7c312faf42cf774fc9f9ff0fd6be4a94477ca9a34ee417931928183 ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
