Thank you Alexandre and Jean-Baptiste for your comments! So, if I could summarize the concerns they are the following: 1. Personally identifiable (sensitive) information. As Alexandre said this could become an issue once we get into federated principals territory. 2. OOMs, DOS attacks and metric data amplification especially if we compute the combinations between realms and principals.
*Solutions* 1,2: For both I think a good practice is to create a configuration flag that is set to false by default and explicitly state the risks for the users when they enable it. I have such a flag in the PR and also set it to false by default. 2: What Alexandre proposed (i.e., a production readiness check) is something that I can easily add. Best, Kostas On Tue, Aug 26, 2025 at 11:51 AM Jean-Baptiste Onofré <j...@nanthrax.net> wrote: > Hi Kostas > > Thanks for starting the discussion. > > I think it makes sense to add user principal name in the metrics. > However, I have two comments: > 1. Some users could consider this as sensitive information. > Personally, as principal name is not a "composed" tag, I think it's > ok. > 2. It can generate a lot of "extra" data in the metrics. > For these two reasons, maybe we should consider a feature flag to > enable adding user principal name in the metrics, and not do it by > default. > > Thoughts ? > > Regards > JB > > On Tue, Aug 26, 2025 at 5:32 AM Kostas Zoumpatianos > <kostas.zoumpatia...@fivetran.com.invalid> wrote: > > > > Hi team, > > > > I recently opened a PR that optionally adds the user principal name as a > > tag in metrics. This is useful for tracing API calls back to individual > > users. > > > > I understand that this can potentially expose information that people > might > > not want to necessarily expose, so this is why I set it to `false` by > > default. > > > > I am raising visibility on this with this email. > > > > This is the associated issue: > https://github.com/apache/polaris/issues/2444 > > and the associated PR: https://github.com/apache/polaris/pull/2445 > > > > Best regards, > > Kostas >
