[jira] [Commented] (HADOOP-13131) add tests to verify that s3a supports SSE-S3 encryption

Wed, 11 May 2016 09:27:56 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-13131?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15280371#comment-15280371
 ] 

Chris Nauroth commented on HADOOP-13131:
----------------------------------------

Hello [[email protected]].

I agree with the approach of the tests.  I think these new tests are good 
candidates for using a JUnit {{Parameterized}} suite to avoid writing redundant 
test methods.  That's just subjective though, and I'm comfortable with whatever 
decision you make on that.  Aside from that, I think it's ready to go after 
working through the pre-commit checks.

bq. One thing to consider is "how do non-AWS implementations of S3 react here".

My intuition is that a non-AWS implementation would simply ignore the extra 
{{x-amz-server-side-encryption}} header in the requests.  I can't say for sure 
though since I don't have a non-AWS implementation to test against.  I suppose 
it would depend on whether or not that implementation chooses to strictly 
validate and reject unknown extended headers.

> add tests to verify that s3a supports SSE-S3 encryption
> -------------------------------------------------------
>
>                 Key: HADOOP-13131
>                 URL: https://issues.apache.org/jira/browse/HADOOP-13131
>             Project: Hadoop Common
>          Issue Type: Sub-task
>          Components: fs/s3
>    Affects Versions: 2.7.2
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>         Attachments: HADOOP-13131-001.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Although S3A claims to support server-side S3 encryption (and does, if you 
> set the option), we don't have any test to verify this. Of course, as the 
> encryption is transparent, it's hard to test.
> Here's what I propose
> # a test which sets encryption = AES256; expects things to work as normal.
> # a test which sets encyption = DES and expects any operation creating a file 
> or directory to fail with a 400 "bad request" error



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to