Hi all, I'm reviving the discussion regarding remote S3 signing because the PR [1] is now more than 4 months old, and it's been quite a pain to rebase it regularly.
I would like to thank Prashant for his thorough review of the PR so far; his feedback did uncover a few issues around table locations that led to [2], but the resulting PR now aligns with Milestone 1 (M1). And by the way, Milestone 2 is already underway. As a reminder, in the M1 PR, remote signing is clearly labeled as beta and disabled by default. What is the community's interest and appetite for this, and what is the desired timeline? Do we have any outstanding blockers? I know the PR is big, but maybe it could benefit from more reviews as well. Anyways, let me know what's the best way to move forward with remote signing. Thanks, Alex [1]: https://github.com/apache/polaris/pull/2280 [2]: https://github.com/apache/polaris/pull/3226 On Tue, Aug 26, 2025 at 3:42 AM Alexandre Dutra <[email protected]> wrote: > > Hi all, > > I'm starting a new thread on S3 remote signing to avoid hijacking the > existing one [1]. > > To summarize our current progress: we have a design document [2], a > Github issue [3] and an initial PR [4]. > > This initial PR establishes the foundation for the feature. In that > PR, remote signing is marked experimental, due to suboptimal > authorization checks and potential performance bottlenecks. However, a > clear path for improvements in both areas has been identified. > > How should we proceed? Is the community in agreement with the general > implementation guidelines and the current PR? > > Thanks, > Alex > > [1]: https://lists.apache.org/thread/qvzwc3qxlfrk9vr7yfbx6zxfhz9lhlbc > [2]: > https://docs.google.com/document/d/1ygdia7u4bUHUt6n8XhZo48aKoIyyrCvKqan3XP25iB8/edit?usp=sharing > [3]: https://github.com/apache/polaris/issues/32 > [4]: https://github.com/apache/polaris/pull/2280
