Hue 3.11 S3 Credentials

[Benjamin Kim]

I would like to know if there is a way to use the Hadoop Credential Provider (jceks file) to lookup S3 access and secret keys? We have 2 of these jceks files. One contains the keys for a partner, and another contains keys for our company's S3. We switch back and forth based on which jceks file we choose to use. In this way, we never see any of the keys, and they meet security policies.

Cheers,

Ben

[Romain Rigaux]

Currently not, Hue only support 1 S3 key via plain text or password file

--
You received this message because you are subscribed to the Google Groups "Hue-Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to hue-user+unsubscribe@cloudera.org.

[Benjamin Kim]

Hi Romain,

Do you know if there are plans for anything similar?

Cheers,

Ben

[Tom Stewart]

Any update on the jckes files for S3 browser? We are using the following (as an example):

hadoop fs \

  -D fs.s3a.aws.credentials.provider=org.apache.hadoop.fs.s3a.TemporaryAWSCredentialsProvider \

  -D fs.s3a.security.credential.provider.path=jceks://hdfs@ns/user/whoever/s3.jceks \

  -ls s3a://my-bucket/

It would be nice if hue.ini could specify these two variables, in which case we could use different providers and generate a jckes file. For temporary though, Hue would also need an option to re-read the jckes file periodically in case the contents change. And, it would nice to provide a variable translation so or a selection  box where each user could point to their own jckes file(s) - and thus access to their own individual buckets.

To unsubscribe from this group and stop receiving emails from it, send an email to hue-user+u...@cloudera.org.