lefebsy commented on PR #389:
URL: https://github.com/apache/polaris/pull/389#issuecomment-2546185853
Refactored after many comments :
- SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION is replacing the initial 'Strategy
options' as requested by @eric-maynard
- Come back of RoleARN as optional parameter, because requested in the issue
#32
- Added 'Region for client' to be aligned with last AWS implementation
modifications
- Removed the credentials parameters 'by value', only env var name are
possible. If parameters are empty, it will fallback to default AWS variables
- @collado-mike comments
- about 'at least a session token' :
seems to be not available in the S3 compatible softwares I've tested, or I
missed the information - only AssumeRole (with empty role or not) is often
implemented
- about the SKIP_CREDENTIAL_SUBSCOPING_INDIRECTION should be in the
catalog properties and not in the storage porperties :
Polaris is not forwarding the catalog properties where it is needed. Maybe
it can be adressed later in other PR ?
- STS client created inside the core/storage classes, not pass via
constructor :
Looks similar to the Azure implementation, not the AWS one. I have avoid
to modify the 'Service' code in this PR, modifications are limited to REST
specs, core Storage and regTest...
Thank you
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
