tS3Configuration properties for Apache Spark Batch
These properties are used to configure tS3Configuration running in the Spark Batch Job framework.
The Spark Batch tS3Configuration component belongs to the Storage family.
The component in this framework is available in all Talend products with Big Data and Talend Data Fabric.
Basic settings
Access Key |
Enter the access key ID that uniquely identifies an AWS Account. For further information about how to get your Access Key and Secret Key, see Getting Your AWS Access Keys. |
Access Secret |
Enter the secret access key, constituting the security credentials in combination with the access Key. To enter the secret key, click the [...] button next to the secret key field, and then in the pop-up dialog box enter the password between double quotes and click OK to save the settings. |
Use EMRFS consistent view | Select this check box to use the EMR File System
(EMRFS) consistent view. This option allows EMR clusters to check for list
and read-after-write consistency for Amazon S3 objects that are written by
or synced with EMRFS. Information noteNote: Avoid alternatively switching the consistent view on
and off on a single bucket, as it might create inconsistency errors. If
this issue occurs, you can fix the inconsistencies using the sync command in the EMRFS CLI. For more
information, see EMRFS CLI
Reference.
This feature is available when you are using the Amazon EMR 5.29 distribution. |
EMRFS metadata table | Enter the name of the metadata DynamoDB table to be used. Information noteNote: The
default metadata table name is
EmrFSMetadata.
This field is only available when you have selected the Use EMRFS consistent view check box. |
Bucket name |
Enter the bucket name and its folder you need to use. You need to separate the bucket name and the folder name using a slash (/). |
Temp folder |
Enter the location of the temp folder in S3. This folder will be automatically created if it has not existed by the time of the execution. |
Inherit credentials from AWS | Select this check box
to obtain AWS security credentials from your IAM role. This option is available
for Amazon EMR and Databricks on AWS clusters. To use this option, the cluster
must be started and your Job must be running on this cluster. For more information, see Using an IAM Role to Grant Permissions to Applications
Running on Amazon EC2 Instances
. This option enables you to develop your Job without having to put any AWS keys in the Job, thus easily comply with the security policy of your organization. |
Use SSE-KMS encryption | Select this check box
to use the SSE-KMS encryption service enabled on AWS to read or write the
encrypted data on S3. On the EMR side, the SSE-KMS service must have been enabled with the Default encryption feature and a customer managed CMK specified for the encryption. For further information about the AWS SSE-KMS encryption, see Protecting Data Using Server-Side Encryption from the AWS documentation. For further information about how to enable the Default Encryption feature for an Amazon S3 bucket, see Default encryption from the AWS documentation. This property is available only when you are using Amazon EMR distributions. |
Bucket encryption |
Select the default encryption you used for your bucket from the drop-down list:
This property is available only when you are using Amazon EMR distributions. |
Use 'in-transit' encryption |
Select this check box to enable the encryption of data in transit. Information noteNote: The in-transit encryption is selected by default. If you deactivate this
option, you do not have to set up a KMS encrypted EMR cluster.
This property is available only when you are using Amazon EMR distributions with SSE-KMS encryption. |
Assume Role |
Select this check box to make your Job temporarily assume a role and the permissions associated with this role. Ensure that access to this role has been granted to your user account by the trust policy associated to this role. If you are not certain about this, ask the owner of this role or your AWS administrator. After selecting this check box, specify the parameters
the administrator of the AWS system to be used defined for this role.
The External ID parameter is required only if your AWS administrator or the owner of this role has defined an external ID when they set up a trust policy for this role.
In addition, if the AWS administrator has enabled the STS endpoints for given regions you want to use for better response performance, use the Set STS region check box or the Set STS endpoint check box in the Advanced settings tab. This check box is available only for the following distributions
Talend supports:
This check box is also available when you are using Spark V1.6 and onwards in the Local Spark mode in the Spark configuration tab. |
KMS key id |
Enter the ID of the customer managed CMK you want to use for the
encryption.
Information noteNote: You can either use one of the following format:
The KMS key id field is only available when you select the Use SSE-KMS encryption check box. This feature is available when you are using Amazon EMR distribution with Spark. |
Set region |
Select this check box and select the region to connect to. This feature is available when you are
using one of the following distributions with Spark:
|
Set endpoint |
Select this check box and in the Endpoint field that is displayed, enter the Amazon region endpoint you need to use. For a list of the available endpoints, see Regions and Endpoints. If you leave this check box clear, the endpoint will be the default one defined by your Hadoop distribution, while this check box is not available when you have selected the Set region check box and in this situation the value selected from the Set region list is used. This feature is available when you are
using one of the following distributions with Spark:
|
Advanced settings
Set region and Set endpoint |
If the AWS administrator has enabled the STS endpoints for the regions you want to use for better response performance, select the Set region check box and then select the regional endpoint to be used. If the endpoint you want to use is not available in this regional endpoint list, clear the Set region check box, then select the Set endpoint check box and enter the endpoint to be used. This service allows you to request temporary, limited-privilege credentials for the AWS user authentication. Therefore, you still need to provide the access key and secret key to authenticate the AWS account to be used. For a list of the STS endpoints you can use, see AWS Security Token Service. For further information about the STS temporary credentials, see Temporary Security Credentials. Both articles are from the AWS documentation. |
Usage
Usage rule |
This component is used with no need to be connected to other components. Several tS3Configuration components are allowed per Job. You need to drop tS3Configuration along with the file system related subJob to be run in the same Job so that the configuration is used by the whole Job at runtime. |
Spark Connection |
In the Spark
Configuration tab in the Run
view, define the connection to a given Spark cluster for the whole Job. In
addition, since the Job expects its dependent jar files for execution, you must
specify the directory in the file system to which these jar files are
transferred so that Spark can access these files:
This connection is effective on a per-Job basis. |
Limitation |
Due to license incompatibility, one or more JARs required to use this component are not provided. You can install the missing JARs for this particular component by clicking the Install button on the Component tab view. You can also find out and add all missing JARs easily on the Modules tab in the Integration perspective of your studio. For details, see Installing external modules You can find more details about how to install external modules in Talend Help Center (https://help.talend.com). |