snazy commented on PR #2048: URL: https://github.com/apache/polaris/pull/2048#issuecomment-3187155240
Discussions around _how_ FGAC is exposed are still ongoing and things can still change. We do not have a comprehensive list of requirements, meaning the _whole_ user-experience including how Iceberg expressions evolve, how the support for UDFs will be and how UDFs will eventually look like. "Secure views", as mentioned in the linked docs and in this PR, are IMHO not the right way. That one changes the expected behavior, requires engines to do hide parts of their query plan from users and it prevents people from updating their tables (b/c those would be represented as views). Some more concerns were raised in community meetings (Iceberg + Polaris) around "secure views". We also need to define, for Polaris, how all the required things play together, including the evaluation of the policies, considering input from AuthZ sources (OAuth et al). The users' needs for Polaris are very important. Technically, we need a performant way to expose the right protection instructions. That cannot be even designed until the Iceberg API and expressions and Polaris requirements discussions have settled. I'd prefer a top-down approach, not a bottom-up approach. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
