liuml07 commented on issue #1752: HADOOP-16732. S3Guard to support encrypted DynamoDB table URL: https://github.com/apache/hadoop/pull/1752#issuecomment-566876917 Thanks @bgaborg for testing and providing update. I can draft a release notes later, but to answer the question of what should we change to enable this: >We don't need to do anything (provide any configuration or change application code) if we don't want to enable server side encryption. The existing tables and configuration values will work as before because default values of this patch will keep existing behavior. To enable server side encryption, users can set `fs.s3a.s3guard.ddb.table.sse.enabled` as true. To specify a custom CMK, users can set her own CMK in config`fs.s3a.s3guard.ddb.table.sse.cmk` when `fs.s3a.s3guard.ddb.table.sse.enabled` is true. I'll address Steve's other comments in a new commit, and post testing results with different config settings in auth-keys.xml including default SSE config (AWS owned CMK), AWS managed CMK and customer managed AWS key.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
