Hi JB, This is certainly an interesting idea!
Are you thinking about keeping current Polaris permissions, but attaching them to tags instead of entities? Thanks, Dmitri. On Wed, Oct 15, 2025 at 3:15 AM Jean-Baptiste Onofré <[email protected]> wrote: > Hi folks, > > Maybe you know, I'm working on an Iceberg component for Apache Camel. > I have a first version that works and I implemented a simple route > consuming from a Kafka topic, processing the Kafka record and > inserting data into Iceberg tables. The component is able to > "dynamically" create Iceberg namespaces/tables (by configuration or by > using patterns in the Kafka record). > > I did a test using Iceberg/Polaris, and I created a bunch of Iceberg > namespaces/tables without problem. > > The "problem" is that the work to create all the permissions on > entities (namespaces/tables). From an user perspective, it's a bit > painful to define the permissions (read, write, etc) on each single > entity (especially in my case, the permissions are basically the > same). > > To ease this, I propose to have an Attribute Based Access Control: > instead of applying the permissions on a specific entity, the > permissions is on a "tag" and then the permissions definition is on a > tag (and so it will apply to all entities with the tag). > > This tag could be explicit on an entity (so the persistence model > would have a new "tag" field) or based on entity property. > > If the community thinks it's interesting, I can draft a proposal > document, create an issue and a draft PR. > > Thoughts ? > > Thanks, > Regards > JB >
