[jira] [Commented] (FLINK-4611) Make "AUTO" credential provider as default for Kinesis Connector

Thu, 15 Dec 2016 01:07:17 -0800 

    [ 
https://issues.apache.org/jira/browse/FLINK-4611?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15750839#comment-15750839
 ] 

ASF GitHub Bot commented on FLINK-4611:
---------------------------------------

Github user tony810430 commented on the issue:

    https://github.com/apache/flink/pull/2914
  
    The new behavior is as what you have said. The second behavior is for 
letting configuration in previous version work like before, otherwise job will 
fail in this version if it couldn't get the aws credential from local.
    
    The reason why I implement the logic in `validateAwsConfiguration` and 
`AWSUtils.getCredentialsProvider()` like this is because I thought config 
properties should be immutable and validation shouldn't do anything more than 
checking if theses properties were correct. Therefore, it is reasonable for me 
to remain the current implementation, but I probably need to make the parameter 
in `validateAwsConfiguration`  be immutable.


> Make "AUTO" credential provider as default for Kinesis Connector
> ----------------------------------------------------------------
>
>                 Key: FLINK-4611
>                 URL: https://issues.apache.org/jira/browse/FLINK-4611
>             Project: Flink
>          Issue Type: Improvement
>          Components: Kinesis Connector
>            Reporter: Tzu-Li (Gordon) Tai
>            Assignee: Wei-Che Wei
>             Fix For: 1.2.0
>
>
> Right now, the Kinesis Consumer / Producer by default directly expects the 
> access key id and secret access key to be given in the config properties.
> This isn't a good practice for accessing AWS services, and usually Kinesis 
> users would most likely be running their Flink application in AWS instances 
> that have embedded credentials that can be access via the default credential 
> provider chain. Therefore, it makes sense to change the default 
> {{AWS_CREDENTIALS_PROVIDER}} to {{AUTO}} instead of {{BASIC}}.
> To avoid breaking user code, we only use directly supplied AWS credentials if 
> both access key and secret key is given through {{AWS_ACCESS_KEY}} and 
> {{AWS_SECRET_KEY}}. Otherwise, the default credential provider chain is used.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to