|
|
@@ -202,6 +202,25 @@ credentials in S3AFileSystem.
|
|
|
For additional reading on the credential provider API see:
|
|
|
[Credential Provider API](../../../hadoop-project-dist/hadoop-common/CredentialProviderAPI.html).
|
|
|
|
|
|
+#### Authenticating via environment variables
|
|
|
+
|
|
|
+S3A supports configuration via [the standard AWS environment variables](http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-environment).
|
|
|
+
|
|
|
+The core environment variables are for the access key and associated secret:
|
|
|
+
|
|
|
+```
|
|
|
+export AWS_ACCESS_KEY_ID=my.aws.key
|
|
|
+export AWS_SECRET_ACCESS_KEY=my.secret.key
|
|
|
+```
|
|
|
+
|
|
|
+These environment variables can be used to set the authentication credentials
|
|
|
+instead of properties in the Hadoop configuration. *Important:* these
|
|
|
+environment variables are not propagated from client to server when
|
|
|
+YARN applications are launched. That is: having the AWS environment variables
|
|
|
+set when an application is launched will not permit the launched application
|
|
|
+to access S3 resources. The environment variables must (somehow) be set
|
|
|
+on the hosts/processes where the work is executed.
|
|
|
+
|
|
|
##### End to End Steps for Distcp and S3 with Credential Providers
|
|
|
|
|
|
###### provision
|
Steve Loughran