SmartData 3.4.0 and later support JindoFS OSS credential providers. You can use a JindoFS OSS credential provider to save an encrypted AccessKey pair into a file. This prevents the AccessKey pair from being leaked.
Configure a JindoFS OSS credential provider
Global configuration
You can configure different credential providers based on your business requirements. The following table describes the supported credential providers.
Type | Description |
---|---|
TemporaryAliyunCredentialsProvider | This credential provider is suitable for scenarios in which an AccessKey pair with
a validity period and a security token with a validity period are used to access OSS.
To use this credential provider, you must append com.aliyun.emr.fs.auth.TemporaryAliyunCredentialsProvider to the value of the fs.jfs.cache.oss.credentials.provider parameter and add the following configuration items:
|
SimpleAliyunCredentialsProvider | This credential provider is suitable for scenarios in which an AccessKey pair with
a long validity period is used to access OSS.
To use this credential provider, you must append com.aliyun.emr.fs.auth.SimpleAliyunCredentialsProvider to the value of the fs.jfs.cache.oss.credentials.provider parameter and add the following configuration items:
|
EnvironmentVariableCredentialsProvider | To use this credential provider, you must configure the required parameters in the
environment variable file.
In the environment variable file, you must set the fs.jfs.cache.oss.credentials.provider parameter to com.aliyun.emr.fs.auth.EnvironmentVariableCredentialsProvider and add the following configuration items:
|
JindoCommonCredentialsProvider | This is a common credential provider. After you configure the required parameters,
you can use this credential provider in JindoOSS and JindoFS.
To use this credential provider, you must append com.aliyun.emr.fs.auth.JindoCommonCredentialsProvider to the value of the fs.jfs.cache.oss.credentials.provider parameter and add the following configuration items:
|
EcsStsCredentialsProvider | This credential provider does not require an AccessKey pair. You can access OSS in
password-free mode.
To use this credential provider, you must append com.aliyun.emr.fs.auth.EcsStsCredentialsProvider to the value of the fs.jfs.cache.oss.credentials.provider parameter. |
Bucket-level configuration
You can configure different credential providers based on your business requirements. The following table describes the supported credential providers.
Type | Description |
---|---|
TemporaryAliyunCredentialsProvider | This credential provider is suitable for scenarios in which an AccessKey pair with
a validity period and a security token with a validity period are used to access OSS. To use this credential provider, you must set the fs.jfs.cache.oss.bucket.XXX.credentials.provider parameter to com.aliyun.emr.fs.auth.TemporaryAliyunCredentialsProvider and add the following configuration items:
|
SimpleAliyunCredentialsProvider | This credential provider is suitable for scenarios in which an AccessKey pair with
a long validity period is used to access OSS. To use this credential provider, you must set the fs.jfs.cache.oss.bucket.XXX.credentials.provider parameter to com.aliyun.emr.fs.auth.SimpleAliyunCredentialsProvider and add the following configuration items:
|
EnvironmentVariableCredentialsProvider | To use this credential provider, you must configure the required parameters in the
environment variable file. In the environment variable file, you must set the fs.jfs.cache.oss.bucket.XXX.credentials.provider parameter to com.aliyun.emr.fs.auth.EnvironmentVariableCredentialsProvider and add the following configuration items:
|
JindoCommonCredentialsProvider | This is a common credential provider. After you configure the required parameters,
you can use this credential provider in JindoOSS and JindoFS. To use this credential provider, you must set the fs.jfs.cache.oss.credentials.provider parameter to com.aliyun.emr.fs.auth.JindoCommonCredentialsProvider and add the following configuration items:
|
EcsStsCredentialsProvider | This credential provider does not require an AccessKey pair. You can access OSS in
password-free mode. To use this credential provider, you must set the fs.jfs.cache.oss.bucket.XXX.credentials.provider parameter to com.aliyun.emr.fs.auth.EcsStsCredentialsProvider. |