liuml07 commented on issue #1875: HADOOP-16794. S3A reverts KMS encryption to the bucket's default KMS … URL: https://github.com/apache/hadoop/pull/1875#issuecomment-596835790 Again, for the `branch-2.10` change, I backport the fix to there and did some manual testing. I did not work on the integration tests conflicts since they are not resolved even to `branch-3.2`. 1. Create an S3 bucket and set the default encryption to KMS. Create our own key in KMS and select that for the S3 bucket as default encryption key. All of this was from AWS Web Console for S3. 1. No client configurations for S3 at all, neither in `core-site.xml` nor command line `-D` 1. Confirm the bug without this patch 3.1 `hadoop fs -put /etc/hosts s3a://s3guard-mingliang/1` => This is not using our KMS key but the Amazon one 3.2 `hadoop fs -cp s3a://s3guard-mingliang/1 s3a://s3guard-mingliang/1-copy` => This is not using our KMS key but the Amazon one 3.3 `hadoop fs -put -d /etc/hosts s3a://s3guard-mingliang/1-d` => This is using our KMS key because this is a direct put, without copy operation internally 1. Confirm the fix with this patch 4.1 `hadoop fs -put /etc/hosts s3a://s3guard-mingliang/2` => This is using our KMS key 4.2 `hadoop fs -cp s3a://s3guard-mingliang/2 s3a://s3guard-mingliang/2-copy` => This is using our KMS key 4.3 `hadoop fs -put -d /etc/hosts s3a://s3guard-mingliang/2-d` => This is using our KMS key
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
