Giters

shaikidris / secure-s3-fsclient

A wrapper over S3N filesystem to securely connect to S3 FS without specifying secret-key/passcode

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

SecureS3-FSClient

Secure S3 file system client

A wrapper over Amazon's S3N/S3 Filesystem, to securely connect to to s3n filesystem. With the default s3n/s3 URI users are required to provide the secret-key/passcode as part of URI. Ex: sudo -u theuser hadoop fs -ls s3n://AKIAJWJBBSUXIWD7RMEA:LUnvKWWSeFuInkoOpYX/bJtDj170EovlioOchGwM@inmobi-grid-emr-dev/dir/file

This implementation will expose the credentials to every users who is required to connect to S3 bucket.

With S4 filesystem, users can connect to S3 filesystem without specifying credentials as part of URI. Ex: sudo -u theuser hadoop fs -ls s4://inmobi-grid-emr-dev/dir/file

It works by looking for .crd file in hadoop's logged in user directory. In HDFS /user/theuser/inmobi-grid-emr-dev.crd file The name of the file should be the name of the BUCKET and the credentials are provided in this format inside the file: :

Ex: AKIAJWJBBSUXIWD7RMEA:LUnvKWWSeFuInkoOpYX/bJtDj170EovlioOchGwM

The admin can secure this .crd file by restricting to read access for only authorized users.

About

A wrapper over S3N filesystem to securely connect to S3 FS without specifying secret-key/passcode

Languages

Language:Java 100.0%