raphaelazzolini commented on code in PR #6874:
URL: https://github.com/apache/hadoop/pull/6874#discussion_r1680195423
##########
hadoop-tools/hadoop-aws/src/main/java/org/apache/hadoop/fs/s3a/auth/delegation/EncryptionSecretOperations.java:
##########
@@ -61,4 +61,21 @@ public static Optional<String> getSSEAwsKMSKey(final
EncryptionSecrets secrets)
return Optional.empty();
}
}
+
+ /**
+ * Gets the SSE-KMS context if present, else don't set it in the S3 request.
+ *
+ * @param secrets source of the encryption secrets.
+ * @return an optional AWS KMS encryption context to attach to a request.
+ */
+ public static Optional<String> getSSEAwsKMSEncryptionContext(final
EncryptionSecrets secrets) {
+ if ((secrets.getEncryptionMethod() == S3AEncryptionMethods.SSE_KMS
+ || secrets.getEncryptionMethod() == S3AEncryptionMethods.DSSE_KMS)
+ && secrets.hasEncryptionKey()
Review Comment:
Right! If we don't specify the key, then the aws/s3 managed key will be
used. I will remove `&& secrets.hasEncryptionKey()` from the condition.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
