[
https://issues.apache.org/jira/browse/HADOOP-12807?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15148444#comment-15148444
]
Steve Loughran commented on HADOOP-12807:
-----------------------------------------
HADOOP-12548 should address your needs: linking to it. Tobin —can you
download/apply that patch and see if you can add the provider you need?
> S3AFileSystem should read AWS credentials from environment variables
> --------------------------------------------------------------------
>
> Key: HADOOP-12807
> URL: https://issues.apache.org/jira/browse/HADOOP-12807
> Project: Hadoop Common
> Issue Type: Improvement
> Components: fs/s3
> Affects Versions: 2.7.2
> Reporter: Tobin Baker
> Priority: Minor
> Labels: security
>
> Unlike the {{DefaultAWSCredentialsProviderChain}} in the AWS SDK, the
> {{AWSCredentialsProviderChain}} constructed by {{S3AFileSystem}} does not
> include an {{EnvironmentVariableCredentialsProvider}} instance. This prevents
> users from supplying AWS credentials in the environment variables
> {{AWS_ACCESS_KEY_ID}} and {{AWS_SECRET_ACCESS_KEY}}, which is the only
> alternative in some scenarios.
> In my scenario, I need to access S3 from within a test running in a CI
> environment that does not support IAM roles but does allow me to supply
> encrypted environment variables. Thus, the only secure approach I can use is
> to supply my AWS credentials in environment variables (plaintext
> configuration files are out of the question).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
