hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-12548) read s3 creds from a file
Date Tue, 03 Nov 2015 22:16:27 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-12548?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14988263#comment-14988263

Larry McCay commented on HADOOP-12548:


The problem comes down to putting it in a file in clear text.
Even when it is protected with file permissions it is often flagged as clear text and therefore
an issue.
A keystore isn't clear text though the real security still requires file permissions but does
usually pass the test.

A credential server that authenticated users with kerberos would be secure though.
The CredentialProvider API is a path to get there.

I can lend a hand there if you'd like to go in that direction.

> read s3 creds from a file
> -------------------------
>                 Key: HADOOP-12548
>                 URL: https://issues.apache.org/jira/browse/HADOOP-12548
>             Project: Hadoop Common
>          Issue Type: New Feature
>          Components: fs/s3
>            Reporter: Allen Wittenauer
> It would be good if we could read s3 creds from a file rather than via a java property.

This message was sent by Atlassian JIRA

View raw message