$customHeader
Skip to end of banner
Go to start of banner

AWS S3 Account for Hadoop

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

In this article

Overview

Use this account type to connect Hadoop Snaps with data sources that use AWS S3 accounts.

Prerequisites

  • S3 accounts must have full access.
  • S3 ListAllMyBuckets permission is required for the S3 account to be validated successfully.

Limitations and Known Issues

  • None.

Account Settings



Parameter Data TypeDescriptionDefault ValueExample 
LabelString

Required. Unique user-provided label for the account. We recommend that you update the account name if there is more than one account of the same account type in your project.

N/AS3 Account
Access-key IDString

Required when IAM role is deselected. The unique access key ID part of AWS authentication.

N/AASTPPGC2DCFDB5DW9GHI
Secret keyStringRequired when IAM role is deselected. The secret key part of AWS authentication.N/A

FGSDFG5465F4G6D5F4DFG5DFD5FGD5F5FGD58

Server-side encryptionCheck box

Required for writing to S3. Specifies that server-side encryption be used for the objects. For more information see Protecting Data Using Server-Side Encryption with Amazon S3-Managed Encryption Keys.

DeselectedN/A
IAM roleCheck box

If this check box is selected, the IAM role stored in the EC2 instance is used to access the S3 bucket.

  • If you select this property, ensure that the Access-key ID and Secret key fields are empty.
  • This property is valid only in Groundplex nodes hosted in the EC2 environment.

    In the Groundplex, add the following line to global.properties and restart the JCC: 
    jcc.jvm_options = -DIAM_CREDENTIAL_FOR_S3=TRUE
  • Validation does not work when this property is enabled.
DeselectedN/A
IAM Role propertiesN/A

Use this fieldset to enter information associated with the IAM Role.

Use this fieldset only if you do not plan to provide the Access key ID and Secret key, and if IAM role, above, is selected.

N/A

AWS account ID

StringThe Amazon Web Services account ID associated with the AWS S3 account that you want to use.N/A

IAM role name

StringThe name of the IAM role that can access the AWS S3 account identified above.N/A

Region Endpoint name

String

The endpoint name of the region to which the target AWS S3 bucket belongs.

Protocols supported: S3

N/As3.us-east-2.amazonaws.com

Troubleshooting

Error MessageReasonResolution
Failed to validate account: Invalid IAM role setting

Access-key ID and Secret key should be empty if IAM role is selected.

This means that you selected the IAM role check box but also provided access-key ID and secret key information.

Address the reported issue. Do not provide both IAM role and access-key details for the same account.
Failed to validate account
Failed to validate account
This typically means that your IAM role details are incorrect.
Verify if the provided credentials are correct.
Access key cannot be null.
Failed to validate account: The AWS Access Key Id you provided does not exist in our records.Access key is invalid.
  • No labels