The data of JindoFS is stored in Object Storage Service (OSS). If you want to access the data of JindoFS, you must provide an AccessKey pair that can be used to access OSS. SmartData V3.4.0 and later support JindoFS credential providers. You can use a JindoFS credential provider to save an encrypted AccessKey pair into a file. This prevents the AccessKey pair from being leaked.

Configure a JindoFS credential provider

  1. Go to the SmartData service.
    1. Log on to the Alibaba Cloud EMR console.
    2. In the top navigation bar, select the region where your cluster resides. Select the resource group as required. By default, all resources of the account appear.
    3. Click the Cluster Management tab.
    4. On the Cluster Management page that appears, find the target cluster and click Details in the Actions column.
    5. In the left-side navigation pane, click Cluster Service and then SmartData.
  2. Go to the smartdata-site tab.
    1. Click the Configure tab.
    2. In the Service Configuration section, click the smartdata-site tab.
  3. Add configuration information.
    1. In the upper-right corner of the smartdata-site tab, click Custom Configuration.
    2. In the Add Configuration Item dialog box, add the parameter described in the following table.
      Parameter Description
      fs.jfs.credentials.provider Specifies the implementation classes of com.aliyun.emr.fs.auth.AliyunCredentialsProvider. Separate multiple classes with commas (,). The system reads credential values in sequence until a valid credential value is found. Example: com.aliyun.emr.fs.auth.TemporaryAliyunCredentialsProvider,com.aliyun.emr.fs.auth.SimpleAliyunCredentialsProvider,com.aliyun.emr.fs.auth.EnvironmentVariableCredentialsProvider.

      For more information about credential providers, see Credential provider types.

    3. Click OK.
  4. Save the configuration.
    1. In the upper-right corner of the Service Configuration section, click Save.
    2. In the Confirm Changes dialog box, specify Description and turn on Auto-update Configuration.
    3. Click OK.

Credential provider types

  • TemporaryAliyunCredentialsProvider
    This credential provider is suitable for scenarios in which an AccessKey pair with a validity period and a security token with a validity period are used to access OSS.
    Parameter Description
    fs.jfs.credentials.provider Set this parameter to com.aliyun.emr.fs.auth.TemporaryAliyunCredentialsProvider.
    fs.jfs.accessKeyId The AccessKey ID used to access OSS.
    fs.jfs.accessKeySecret The AccessKey secret used to access OSS.
    fs.jfs.securityToken The temporary security token used to access OSS.
  • SimpleAliyunCredentialsProvider
    This credential provider is suitable for scenarios in which an AccessKey pair with a long validity period is used to access OSS.
    Parameter Description
    fs.jfs.credentials.provider Set this parameter to com.aliyun.emr.fs.auth.SimpleAliyunCredentialsProvider.
    fs.jfs.accessKeyId The AccessKey ID used to access OSS.
    fs.jfs.accessKeySecret The AccessKey secret used to access OSS.
  • EnvironmentVariableCredentialsProvider
    To use this credential provider, you must configure the parameters described in the following table in environment variables.
    Parameter Description
    fs.jfs.credentials.provider Set this parameter to com.aliyun.emr.fs.auth.EnvironmentVariableCredentialsProvider.
    ALIYUN_ACCESS_KEY_ID The AccessKey ID used to access OSS.
    ALIYUN_ACCESS_KEY_SECRET The AccessKey secret used to access OSS.
    ALIYUN_SECURITY_TOKEN The temporary security token used to access OSS.
    Note This parameter is required only when you configure a token that has a validity period.
  • JindoCommonCredentialsProvider
    This is a common credential provider. After you configure the parameters described in the following table, you can use this credential provider in both JindoOSS and JindoFS.
    Parameter Description
    fs.jfs.credentials.provider Set this parameter to com.aliyun.emr.fs.auth.JindoCommonCredentialsProvider.
    jindo.common.accessKeyId The AccessKey ID used to access OSS.
    jindo.common.accessKeySecret The AccessKey secret used to access OSS.
    jindo.common.securityToken The temporary security token used to access OSS.
  • EcsStsCredentialsProvider
    This credential provider does not require an AccessKey pair. You can access OSS in password-free mode.
    Parameter Description
    fs.jfs.credentials.provider Set this parameter to com.aliyun.emr.fs.auth.EcsStsCredentialsProvider.