Search in sources :

Example 1 with EncryptionMaterialsProvider

use of com.amazonaws.services.s3.model.EncryptionMaterialsProvider in project zeppelin by apache.

the class S3NotebookRepo method createCustomProvider.

/**
   * Create an instance of a custom encryption materials provider class
   * which supplies encryption keys to use when reading/writing data in S3.
   */
private EncryptionMaterialsProvider createCustomProvider(ZeppelinConfiguration conf) throws IOException {
    // use a custom encryption materials provider class
    String empClassname = conf.getS3EncryptionMaterialsProviderClass();
    EncryptionMaterialsProvider emp;
    try {
        Object empInstance = Class.forName(empClassname).newInstance();
        if (empInstance instanceof EncryptionMaterialsProvider) {
            emp = (EncryptionMaterialsProvider) empInstance;
        } else {
            throw new IOException("Class " + empClassname + " does not implement " + EncryptionMaterialsProvider.class.getName());
        }
    } catch (Exception e) {
        throw new IOException("Unable to instantiate encryption materials provider class " + empClassname + ": " + e, e);
    }
    return emp;
}
Also used : EncryptionMaterialsProvider(com.amazonaws.services.s3.model.EncryptionMaterialsProvider) KMSEncryptionMaterialsProvider(com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider) S3Object(com.amazonaws.services.s3.model.S3Object) IOException(java.io.IOException) IOException(java.io.IOException) AmazonClientException(com.amazonaws.AmazonClientException)

Example 2 with EncryptionMaterialsProvider

use of com.amazonaws.services.s3.model.EncryptionMaterialsProvider in project presto by prestodb.

the class PrestoS3FileSystem method createAmazonS3Client.

private AmazonS3Client createAmazonS3Client(URI uri, Configuration hadoopConfig, ClientConfiguration clientConfig) {
    AWSCredentialsProvider credentials = getAwsCredentialsProvider(uri, hadoopConfig);
    Optional<EncryptionMaterialsProvider> emp = createEncryptionMaterialsProvider(hadoopConfig);
    AmazonS3Client client;
    String signerType = hadoopConfig.get(S3_SIGNER_TYPE);
    if (signerType != null) {
        clientConfig.withSignerOverride(signerType);
    }
    if (emp.isPresent()) {
        client = new AmazonS3EncryptionClient(credentials, emp.get(), clientConfig, new CryptoConfiguration(), METRIC_COLLECTOR);
    } else {
        client = new AmazonS3Client(credentials, clientConfig, METRIC_COLLECTOR);
    }
    // use local region when running inside of EC2
    if (pinS3ClientToCurrentRegion) {
        Region region = Regions.getCurrentRegion();
        if (region != null) {
            client.setRegion(region);
        }
    }
    String endpoint = hadoopConfig.get(S3_ENDPOINT);
    if (endpoint != null) {
        client.setEndpoint(endpoint);
    }
    return client;
}
Also used : AmazonS3Client(com.amazonaws.services.s3.AmazonS3Client) AmazonS3EncryptionClient(com.amazonaws.services.s3.AmazonS3EncryptionClient) EncryptionMaterialsProvider(com.amazonaws.services.s3.model.EncryptionMaterialsProvider) KMSEncryptionMaterialsProvider(com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider) CryptoConfiguration(com.amazonaws.services.s3.model.CryptoConfiguration) Region(com.amazonaws.regions.Region) AWSCredentialsProvider(com.amazonaws.auth.AWSCredentialsProvider)

Example 3 with EncryptionMaterialsProvider

use of com.amazonaws.services.s3.model.EncryptionMaterialsProvider in project presto by prestodb.

the class PrestoS3FileSystem method createEncryptionMaterialsProvider.

private static Optional<EncryptionMaterialsProvider> createEncryptionMaterialsProvider(Configuration hadoopConfig) {
    String kmsKeyId = hadoopConfig.get(S3_KMS_KEY_ID);
    if (kmsKeyId != null) {
        return Optional.of(new KMSEncryptionMaterialsProvider(kmsKeyId));
    }
    String empClassName = hadoopConfig.get(S3_ENCRYPTION_MATERIALS_PROVIDER);
    if (empClassName == null) {
        return Optional.empty();
    }
    try {
        Object instance = Class.forName(empClassName).getConstructor().newInstance();
        if (!(instance instanceof EncryptionMaterialsProvider)) {
            throw new RuntimeException("Invalid encryption materials provider class: " + instance.getClass().getName());
        }
        EncryptionMaterialsProvider emp = (EncryptionMaterialsProvider) instance;
        if (emp instanceof Configurable) {
            ((Configurable) emp).setConf(hadoopConfig);
        }
        return Optional.of(emp);
    } catch (ReflectiveOperationException e) {
        throw new RuntimeException("Unable to load or create S3 encryption materials provider: " + empClassName, e);
    }
}
Also used : KMSEncryptionMaterialsProvider(com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider) EncryptionMaterialsProvider(com.amazonaws.services.s3.model.EncryptionMaterialsProvider) KMSEncryptionMaterialsProvider(com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider) Configurable(org.apache.hadoop.conf.Configurable)

Aggregations

EncryptionMaterialsProvider (com.amazonaws.services.s3.model.EncryptionMaterialsProvider)3 KMSEncryptionMaterialsProvider (com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider)3 AmazonClientException (com.amazonaws.AmazonClientException)1 AWSCredentialsProvider (com.amazonaws.auth.AWSCredentialsProvider)1 Region (com.amazonaws.regions.Region)1 AmazonS3Client (com.amazonaws.services.s3.AmazonS3Client)1 AmazonS3EncryptionClient (com.amazonaws.services.s3.AmazonS3EncryptionClient)1 CryptoConfiguration (com.amazonaws.services.s3.model.CryptoConfiguration)1 S3Object (com.amazonaws.services.s3.model.S3Object)1 IOException (java.io.IOException)1 Configurable (org.apache.hadoop.conf.Configurable)1