CredentialOperations¶
AwsCredentialVendor¶
AwsCredentialVendor is created alongside CredentialOperations.
AzureCredentialVendor¶
GcpCredentialVendor¶
GcpCredentialVendor is created alongside CredentialOperations.
Vend Credentials¶
TemporaryCredentials vendCredential(
String path,
Set<CredentialContext.Privilege> privileges) // (1)!
TemporaryCredentials vendCredential(
CredentialContext context)
- Uses a new CredentialContext for the given storage location (
path) and theprivileges.
BaseException
vendCredential throws a BaseException when the path is undefined (null or empty).
Storage Location
The input path is also known as a storage location.
vendCredential creates a CredentialContext for the given storage location (path) and the privileges.
vendCredential creates a TemporaryCredentials model with Cloud Provider-specific settings (based on the storage scheme of the CredentialContext).
| Storage Scheme | Credential Vending Mechanism | TemporaryCredentials |
|---|---|---|
abfs or abfss | AzureCredential | AzureUserDelegationSAS
|
gs | AccessToken | GcpOauthToken
|
s3 | Credentials | AwsCredentials
|
vendCredential is used when:
TemporaryModelVersionCredentialsServiceis requested to generateTemporaryModelVersionCredentialsTemporaryPathCredentialsServiceis requested to generateTemporaryPathCredentialTemporaryTableCredentialsServiceis requested to generateTemporaryTableCredentialTemporaryVolumeCredentialsServiceis requested to generateTemporaryTableCredential
vendAwsCredential¶
vendAwsCredential requests the AwsCredentialVendor to vendAwsCredentials for the given CredentialContext.
vendAwsCredential is used when:
CredentialOperationsis requested to vend credentials fors3://storage schemeFileIOFactoryis requested to getAwsCredentialsProviderTableConfigServiceis requested to getS3Config