GitHub user bharos added a comment to the discussion: Consider support for role assumption (SET ROLE) to narrow effective permissions
Thanks @roryqi. Your observation is correct, although I think the header approach I mentioned above specifically avoids needing compute engine support. AFAIK Iceberg's RESTSessionCatalog already forwards any header.* catalog property as an HTTP header on every request. So a user can configure something like:

```
spark.sql.catalog.x.header.X-Gravitino-Active-Role = restricted_role
```

No Spark/Flink/Trino code changes needed. The role is set at catalog configuration time, not via SQL.

This covers the practical use case: different applications or service accounts operate under different roles (e.g., a reporting pipeline runs with read_only_role, while an ETL pipeline uses write_role).

The **drawback** is that it's static per catalog instance, not dynamic per-session — but we can use that as a workaround for now, for at least some use-cases.

GitHub link: https://github.com/apache/gravitino/discussions/10894#discussioncomment-16752000
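The static-header workaround described in the comment above, sketched as an added example (not part of the comment, and not Gravitino or Iceberg code): the client-side mapping from `header.*` properties to request headers, and a hypothetical server-side check under which the header can only narrow the roles already granted to the authenticated principal. The function names, the sample URI and the fail-closed handling are assumptions.

```python
HEADER_PREFIX = "header."                        # prefix named in the comment
ACTIVE_ROLE_HEADER = "x-gravitino-active-role"   # header proposed in the comment, lowercased

# Constructed sample: catalog properties with the "spark.sql.catalog.x."
# prefix already removed.
SAMPLE_PROPS = {
    "uri": "https://gravitino.example/iceberg",
    "header.X-Gravitino-Active-Role": "read_only_role",
}


def headers_from_catalog_properties(props):
    """Client side: header.* catalog properties become HTTP request headers."""
    return {k[len(HEADER_PREFIX):]: v
            for k, v in props.items() if k.startswith(HEADER_PREFIX)}


def effective_roles(granted_roles, request_headers):
    """Server side (hypothetical): pick the roles used for authorization.

    granted_roles must come from the server's own role store for the
    authenticated principal, never from the request itself.
    """
    granted = set(granted_roles)
    # HTTP header names are case-insensitive, so match on the lowercased name.
    values = [v.strip() for k, v in request_headers.items()
              if k.lower() == ACTIVE_ROLE_HEADER]
    if not values:
        return granted                   # no header: behaviour is unchanged
    if len(values) != 1 or not values[0]:
        raise PermissionError("malformed active-role header")
    role = values[0]
    if role not in granted:
        # Fail closed: do not fall back to the full role set, and do not let
        # a client-supplied header confer a role the principal does not hold.
        raise PermissionError(f"role {role!r} is not granted to this principal")
    return {role}                        # narrowed to the single requested role


if __name__ == "__main__":
    hdrs = headers_from_catalog_properties(SAMPLE_PROPS)
    print(effective_roles({"read_only_role", "write_role"}, hdrs))
```

Because the header value is client-supplied configuration, the membership check against the server-side grants is what keeps it a narrowing mechanism.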
