br/pkg/storage: s3 sdk support to access aliyun oss by ram type

pingcap / tidb

TiDB - the open-source, cloud-native, distributed SQL database designed for modern applications.

https://pingcap.com

Apache License 2.0

37.14k stars 5.83k forks source link

br/pkg/storage: s3 sdk support to access aliyun oss by ram type #34224

Closed knull-cn closed 2 years ago

knull-cn commented 2 years ago

Feature Request

Is your feature request related to a problem? Please describe:

no Describe the feature you'd like:

use s3 sdk, access aliyun oss by ram type: on ram ecs, can auto request the sts token ,then use sts token to access oss. Describe alternatives you've considered:

Teachability, Documentation, Adoption, Migration Strategy:

the doc at aliyun , example for python : 基于临时凭证，使用Python SDK访问OSS

kennytm commented 11 months ago

@knull-cn The implementation #34309 for this will cause all tools (Dumpling, Lightning, BR) running on Aliyun ECS using OSS as storage to ignore AK/SK defined in environment variables and ~/.aws/credentials. This is

undocumented
inconsistent with the credential chain for AWS which follows the environment → file → IAM role load order

Please check if this is intentional.

knull-cn commented 11 months ago

@knull-cn The implementation #34309 for this will cause all tools (Dumpling, Lightning, BR) running on Aliyun ECS using OSS as storage to ignore AK/SK defined in environment variables and ~/.aws/credentials. This is

undocumented

inconsistent with the credential chain for AWS which follows the environment → file → IAM role load order

Please check if this is intentional.

the load order is wrong , this is not intentional the RD member will reconstruct and fix this bug

seiya-annie commented 4 months ago

/found community