obelix74 commented on code in PR #3327:
URL: https://github.com/apache/polaris/pull/3327#discussion_r2651636440
##########
polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java:
##########
@@ -57,6 +60,16 @@ public class AwsCredentialsStorageIntegration
private static final Logger LOGGER =
LoggerFactory.getLogger(AwsCredentialsStorageIntegration.class);
+ // AWS STS Session Tag keys for CloudTrail correlation
+ static final String TAG_KEY_CATALOG = "polaris:catalog";
+ static final String TAG_KEY_NAMESPACE = "polaris:namespace";
+ static final String TAG_KEY_TABLE = "polaris:table";
+ static final String TAG_KEY_PRINCIPAL = "polaris:principal";
+ static final String TAG_KEY_REQUEST_ID = "polaris:request-id";
Review Comment:
Moved the tag key constants to `CredentialVendingContext` where they're more
appropriately located alongside the context fields they describe. This makes
them easier to find and customize.
For full realm-level configurability of tag keys, that would require adding
new `FeatureConfiguration` entries and plumbing them through to the storage
integrations. I can do it in this PR or as a follow up PR - please let me know.
I am a bit concerned that this PR is already too big.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
