steveloughran commented on pull request #3260: URL: https://github.com/apache/hadoop/pull/3260#issuecomment-906592778
had another thought. What if we had an option to require access points? You could then set that globally and it would be an error to try and connect to any bucket which didn't have an AP ARN defined., something like fs.s3a.access.point.required The idea being you could have a policy in a VPN that you weren't allowed to talk to anything except through an AP; any mistyped/misreferenced bucket would fail to initialise. If you really need to talk to a bucket externally you could disable the switch on a bucket by bucket basis. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
