[
https://issues.apache.org/jira/browse/HADOOP-13887?focusedWorklogId=697151&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-697151
]
ASF GitHub Bot logged work on HADOOP-13887:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 16/Dec/21 09:23
Start Date: 16/Dec/21 09:23
Worklog Time Spent: 10m
Work Description: balvisio commented on a change in pull request #3292:
URL: https://github.com/apache/hadoop/pull/3292#discussion_r770357840
##########
File path:
hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/S3AFileSystem.java
##########
@@ -415,12 +422,16 @@ public void initialize(URI name, Configuration
originalConf)
// DT Bindings may override this
setEncryptionSecrets(new EncryptionSecrets(
getEncryptionAlgorithm(bucket, conf),
- getServerSideEncryptionKey(bucket, getConf())));
+ getS3EncryptionKey(bucket, getConf())));
invoker = new Invoker(new S3ARetryPolicy(getConf()), onRetry);
instrumentation = new S3AInstrumentation(uri);
initializeStatisticsBinding();
-
+ // If CSE-KMS method is set then CSE is enabled.
+ isCSEEnabled = S3AUtils.lookupPassword(conf,
Review comment:
@mehakmeet : I was just reviewing this PR to get some understanding.
Wondering why the `isCSEEnabled` check only compares if the
`SERVER_SIDE_ENCRYPTION_ALGORITHM` param is not equal to null. Shouldn't it be:
(identical to the one in `DefaultS3ClientFactory.java`)
```
if (S3AEncryptionMethods.getMethod(S3AUtils.
lookupPassword(conf, SERVER_SIDE_ENCRYPTION_ALGORITHM, null))
.equals(S3AEncryptionMethods.CSE_KMS)) {
```
I see that this check is changed in `trunk`(to compare equal to `CSE-KMS`
but making sure I am not missing something here
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
Issue Time Tracking
-------------------
Worklog Id: (was: 697151)
Time Spent: 14h 10m (was: 14h)
> Encrypt S3A data client-side with AWS SDK (S3-CSE)
> --------------------------------------------------
>
> Key: HADOOP-13887
> URL: https://issues.apache.org/jira/browse/HADOOP-13887
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/s3
> Affects Versions: 2.8.0
> Reporter: Jeeyoung Kim
> Assignee: Mehakmeet Singh
> Priority: Minor
> Labels: pull-request-available
> Fix For: 3.3.2
>
> Attachments: HADOOP-13887-002.patch, HADOOP-13887-007.patch,
> HADOOP-13887-branch-2-003.patch, HADOOP-13897-branch-2-004.patch,
> HADOOP-13897-branch-2-005.patch, HADOOP-13897-branch-2-006.patch,
> HADOOP-13897-branch-2-008.patch, HADOOP-13897-branch-2-009.patch,
> HADOOP-13897-branch-2-010.patch, HADOOP-13897-branch-2-012.patch,
> HADOOP-13897-branch-2-014.patch, HADOOP-13897-trunk-011.patch,
> HADOOP-13897-trunk-013.patch, HADOOP-14171-001.patch, S3-CSE Proposal.pdf
>
> Time Spent: 14h 10m
> Remaining Estimate: 0h
>
> Expose the client-side encryption option documented in Amazon S3
> documentation -
> http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html
> When backporting, include HADOOP-17817
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
