amazon web services - Doesn't Spark/Hadoop support SSE-KMS encryption on AWS S3 -
i trying save rdd on s3 server side encryption using kms key (sse-kms), getting following exception:
exception in thread "main" com.amazonaws.services.s3.model.amazons3exception: status code: 400, aws service: amazon s3, aws request id: 695e32175eba568a, aws error code: invalidargument, aws error message: encryption method specified not supported, s3 extended request id: pi+hflg0wsawtkdi2s/xviocrpmci7zdhiao5n1f7tiwpje2z0lpy1c2cr53pnnucj3358gx3aq=
following piece of test code write rdd on s3 using sse-kms encryption:
val sparkconf = new sparkconf(). setmaster("local[*]"). setappname("aws-encryption") val sc = new sparkcontext(sparkconf) sc.hadoopconfiguration.set("fs.s3a.access.key", aws_access_key) sc.hadoopconfiguration.set("fs.s3a.secret.key", aws_secret_key) sc.hadoopconfiguration.setboolean("fs.s3a.sse.enabled", true) sc.hadoopconfiguration.set("fs.s3a.server-side-encryption-algorithm", "sse-kms") sc.hadoopconfiguration.set("fs.s3a.sse.kms.keyid", kms_id) val s3a = new org.apache.hadoop.fs.s3a.s3afilesystem val s3aname = s3a.getclass.getname sc.hadoopconfiguration.set("fs.s3a.impl", s3aname) val rdd = sc.parallelize(seq("one", "two", "three", "four")) println("rdd is: " + rdd.collect()) rdd.saveastextfile(s"s3a://$bucket/$objkey") although, able write rdd on s3 aes256 encryption.
does spark/hadoop have different value kms key encryption instead of "sse-kms"?
can please suggest missing here or doing wrong.
environment details follow:
- spark: 1.6.1
- hadoop: 2.6.0
- aws-java-sdk: 1.7.4
thank in advance.
unfortunately, seems existing version of hadoop i.e. 2.8 not support sse-kms :(
following observation:
- sse-kms not supported till hadoop 2.8.1
- sse-kms supposed introduced in hadoop 2.9
- in hadoop 3.0.0alpha version, sse-kms supported.
same observation w.r.t. aws sdk java
- sse-kms introduced in aws-java-sdk 1.9.5
Comments
Post a Comment