Hi Vinish, Currently, we can't enforce the auth policies for non-Iceberg tables in object storage using something like credential vending. For non-Iceberg tables, we have a framework to push the policies to the external auth systems like Ranger, so query engines can leverage such auth systems to enforce the access control. For the details, you can refer to this doc https://gravitino.apache.org/docs/0.9.1/security/authorization-push-down
Best, Jerry Vinish Reddy Pannala <[email protected]> 于2025年9月17日周三 08:42写道: > Hi all, > > I’ve been exploring *Gravitino* to understand whether it can be used to > enforce authentication and authorization policies for *non-Iceberg tables* > (e.g., Hudi) stored in object storage such as *S3 or GCS*, when queried > through open-source engines like *Spark, Trino, or Flink*. > > From the documentation, I wasn’t able to confirm if this use case is > currently supported. Could someone clarify whether Gravitino can provide > access control in this scenario? > > Any guidance or pointers to relevant docs/designs would be much > appreciated. > > Thanks, > Vinish >
