I like to copy data from our hadoop cluster (on premise) to s3. I can do it unencrypted. I can also run s3cmd put with client side encryption. How do I do distcp with client side encryption ?
Asked
Active
Viewed 723 times
6
-
1were you able to solve the problem? – Harman Oct 02 '15 at 08:02
1 Answers
0
Recent Hadoop versions should do the transfer using client side encryption just fine.
To be safe and not fall victim to specifics of your setup, I would simply ensure secure transfer by putting a bucket policy like the below one in place, forbidding non-secure transfer.
{
"Statement":[
{
"Action": "s3:*",
"Effect":"Deny",
"Principal": "*",
"Resource":"arn:aws:s3:::bucketname/*",
"Condition":{
"Bool":
{ "aws:SecureTransport": false }
}
}
]
}
Armin Braun
- 3,645
- 1
- 17
- 33