Documentation for Custom provider class for S3
Hello,
We are looking to utilize a custom provider class for S3 Credentials on the official S3 connection.
I can see from the credentials dropdown has an option for Custom credentials with an input:
- Custom provider class: Class name of a custom DSS AWS credentials provider
Can you provide documentation on what is needed to create a custom DSS AWS credentials provider?
- Does Dataiku expect a Java or Python class?
- Where should this class be placed?
- What methods do we need to implement?
- What response are we expected to return?
- What context details do we have access to from the custom provider class?
Thanks!
Answers
-
Hi Hurriel,
I know this is a few months old... but I've just worked through this.
To make it work you need the following:
* Need to grab some of the dataiku jars for some dependencies: ( these are in your install directory )
* dataiku-app-platform.jar (for the com.dataiku.dip.security.AuthCtx)
* dataiku-dip.jar (for the com.dataiku.dip.connections.EC2Connection.AWSConnectionCredentialsProvider )
* Next create a jar with a class implementing the com.dataiku.dip.connections.EC2Connection.AWSConnectionCredentialsProvider interface.
* Make sure to package up the jar with all the required runtime dependencies (but not the dataiku jars as they will already exist. no need to duplicate).
* keep the Jar simple... i.e. don't include anything like springboot etc... (it will clash with the existing jars).
* deploy the jar (with appropriate permissions) to the <dss>/lib/java folder of your installation. (This folder is already on the class path!)
* restart dss.
The AWSConnectionCredentialsProvider essentially has 2 important interfaces. setParams, where you can get the custom paramters setup in the connection. And a 'get' function where you convert your params into a "EC2Connection.SerializableAWSCredential".
You can look these up in the dataiku-dip.jar.
Just popluate this will the AWS acessKeyId, secretAccessKey sessiontoken and optionally the expiry time.
