Hi Ashok, It makes sense to separate both options into different PRs. We will need a feature flag to control them though, see more details in class FeatureConfiguration. The potential options would be: 1. No KMS support 2. KMS support with Approach #3 3. KMS support with Approach #4
Yufei On Mon, May 26, 2025 at 2:09 AM Jean-Baptiste Onofré <j...@nanthrax.net> wrote: > Hi Ashok > > Thanks for the update. I will take a look as I'm back from several trips :) > > Regards > JB > > On Fri, May 23, 2025 at 5:10 PM Ashok Krishna <ashok.rex.2...@gmail.com> > wrote: > > > > Hi folks, > > > > > > This is regarding the addition of KMS support for AWS S3 in Polaris. > > Several approaches were proposed in the PR > > <https://github.com/apache/polaris/pull/1424>, and based on our last > > community sync, we aligned on the following: > > > > > > > > - Using an IAM policy with *Resource: '*'* at the catalog level > > (Approach #4) > > > > > > - Using table-level keys as per the Iceberg spec (Approach #3) > > > > > > The current PR <https://github.com/apache/polaris/pull/1424> implements > > Approach #4 at the catalog level. I’d like to confirm whether it’s okay > to > > split the implementation and submit Approach #3 as a separate PR. > > > > PR - https://github.com/apache/polaris/pull/1424 >
