[
https://issues.apache.org/jira/browse/FLINK-14907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Konstantin Knauf updated FLINK-14907:
-------------------------------------
Description:
>From a security perspective it would often be preferable pass the Azure
>storage key via an env to the Flink Azure filesystem. Currently we only
>support to set it in the Flink configuration [1].
The least intrusive way, I think, would be to include a very simple
{{org.apache.hadoop.fs.azure.KeyProvider}} to flink-azure-fs-hadoop, which
reads the account key from an env variable called {{AZURE_STORAGE_KEY}}.
It could then be enabled in the flink-conf.yaml via:
{noformat}
fs.azure.account.keyprovider.<account_name>.blob.core.windows.net:
org.apache.flink.fs.azurefs.<NewProviderClass>{noformat}
[1]
[https://ci.apache.org/projects/flink/flink-docs-release-1.9/ops/filesystems/azure.html]
was:
>From a security perspective it would often be prefferable pass the Azure
>storage key via an env to the Flink Azure filesystem. Currently we only
>support to set it in the Flink configuration [1].
The least intrusive way, I think, would be to include a very simple
{{org.apache.hadoop.fs.azure.KeyProvider}} to flink-azure-fs-hadoop, which
reads the account key from an env variable called {{AZURE_STORAGE_KEY}}.
It could then be enabled in the flink-conf.yaml via:
{noformat}
fs.azure.account.keyprovider.<account_name>.blob.core.windows.net:
org.apache.flink.fs.azurefs.<NewProviderClass>{noformat}
[1]
[https://ci.apache.org/projects/flink/flink-docs-release-1.9/ops/filesystems/azure.html]
> Support to Configure Azure Storage Key via Environment Variable
> ---------------------------------------------------------------
>
> Key: FLINK-14907
> URL: https://issues.apache.org/jira/browse/FLINK-14907
> Project: Flink
> Issue Type: Improvement
> Components: FileSystems
> Reporter: Konstantin Knauf
> Priority: Major
>
> From a security perspective it would often be preferable pass the Azure
> storage key via an env to the Flink Azure filesystem. Currently we only
> support to set it in the Flink configuration [1].
> The least intrusive way, I think, would be to include a very simple
> {{org.apache.hadoop.fs.azure.KeyProvider}} to flink-azure-fs-hadoop, which
> reads the account key from an env variable called {{AZURE_STORAGE_KEY}}.
> It could then be enabled in the flink-conf.yaml via:
> {noformat}
> fs.azure.account.keyprovider.<account_name>.blob.core.windows.net:
> org.apache.flink.fs.azurefs.<NewProviderClass>{noformat}
> [1]
> [https://ci.apache.org/projects/flink/flink-docs-release-1.9/ops/filesystems/azure.html]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
