Clone Tools
  • last updated 17 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
HADOOP-16645. S3A Delegation Token extension point to use StoreContext.

Contributed by Steve Loughran.

This is part of the ongoing refactoring of the S3A codebase, with the

delegation token support (HADOOP-14556) no longer given a direct reference

to the owning S3AFileSystem. Instead it gets a StoreContext and a new

interface, DelegationOperations, to access those operations offered by S3AFS

which are specifically needed by the DT bindings.

The sole operation needed is listAWSPolicyRules(), which is used to allow

S3A FS and the S3Guard metastore to return the AWS policy rules needed to

access their specific services/buckets/tables, allowing the AssumedRole

delegation token to be locked down.

As further restructuring takes place, that interface's implementation

can be moved to wherever the new home for those operations ends up.

Although it changes the API of an extension point, that feature (S3

Delegation Tokens) has not shipped; backwards compatibility is not a

problem except for anyone who has implemented DT support against trunk.

To those developers: sorry.

Change-Id: I770f58b49ff7634a34875ba37b7d51c94d7c21da

    • -0
    • +28
    ./DelegationOperations.java
  1. … 4 more files in changeset.
HADOOP-16658. S3A connector does not support including the token renewer in the token identifier.

Contributed by Phil Zampino.

Change-Id: Iea9d5028dcf58bda4da985604f5cd3ac283619bd

  1. … 5 more files in changeset.
HADOOP-16599. Allow a SignerInitializer to be specified along with a Custom Signer

    • -0
    • +31
    ./DelegationTokenProvider.java
  1. … 9 more files in changeset.
HADOOP-16445. Allow separate custom signing algorithms for S3 and DDB (#1332)

  1. … 11 more files in changeset.
HADOOP-16500 S3ADelegationTokens to only log at debug on startup (#1269). Contributed by Steve Loughran.

Change-Id: Ifafc15f32791911976d7ebc36fb6e8853f59ed41

HADOOP-16093. Move DurationInfo from hadoop-aws to hadoop-common org.apache.hadoop.util.

Contributed by Abhishek Modi

  1. … 18 more files in changeset.
HADOOP-16098. Fix javadoc warnings in hadoop-aws. Contributed by Masatake Iwasaki.

  1. … 13 more files in changeset.
HADOOP-14556. S3A to support Delegation Tokens.

Contributed by Steve Loughran and Daryn Sharp.

    • -0
    • +305
    ./AbstractDelegationTokenBinding.java
    • -0
    • +305
    ./AbstractS3ATokenIdentifier.java
    • -0
    • +172
    ./FullCredentialsTokenBinding.java
    • -0
    • +50
    ./FullCredentialsTokenIdentifier.java
  1. … 87 more files in changeset.
Revert "HADOOP-14556. S3A to support Delegation Tokens."

This reverts commit d7152332b32a575c3a92e3f4c44b95e58462528d.

    • -305
    • +0
    ./AbstractDelegationTokenBinding.java
    • -305
    • +0
    ./AbstractS3ATokenIdentifier.java
    • -172
    • +0
    ./FullCredentialsTokenBinding.java
    • -50
    • +0
    ./FullCredentialsTokenIdentifier.java
  1. … 90 more files in changeset.
HADOOP-14556. S3A to support Delegation Tokens.

Contributed by Steve Loughran.

    • -0
    • +59
    ./AWSPolicyProvider.java
    • -0
    • +154
    ./AbstractDTService.java
    • -0
    • +305
    ./AbstractDelegationTokenBinding.java
    • -0
    • +305
    ./AbstractS3ATokenIdentifier.java
    • -0
    • +165
    ./DelegationConstants.java
    • -0
    • +50
    ./DelegationTokenIOException.java
    • -0
    • +70
    ./EncryptionSecretOperations.java
    • -0
    • +221
    ./EncryptionSecrets.java
    • -0
    • +172
    ./FullCredentialsTokenBinding.java
    • -0
    • +50
    ./FullCredentialsTokenIdentifier.java
    • -0
    • +176
    ./RoleTokenBinding.java
    • -0
    • +49
    ./RoleTokenIdentifier.java
    • -0
    • +685
    ./S3ADelegationTokens.java
    • -0
    • +421
    ./SessionTokenBinding.java
  1. … 90 more files in changeset.