Welcome to the Polaris community, Anand ! Thank you for the change, I think it's a nice feature to have i.e to capture for what table access this cred was vended and for whom which can help your compliance, I am assuming your organization is only on AWS then.
All in all I see value in this change, and am happy to help you with the reviews. Thanks, Prashant Singh On Mon, Dec 29, 2025 at 8:42 AM Anand Kumar Sankaran via dev < [email protected]> wrote: > Hello all, > > This is my first PR against the Apache Polaris project. > > I am working on deploying Apache Polaris to production for my employer. > We have strict requirements around data protection and tracking who > accessed what data, given a lot of the personal data we deal with. > > > I raised this enhancement against Polaris. > > Add support for AWS STS Session Tags when vending S3 credentials via > AssumeRole. This enables deterministic correlation between Polaris catalog > operations and downstream S3 access events in AWS CloudTrail. > > https://github.com/apache/polaris/issues/3325 > > This is the PR. > > https://github.com/apache/polaris/pull/3327 > > Thanks to Dmitri for the review and I will update the PR later today. > > I would appreciate all feedback for this PR and feature request. I read > the contribution guidelines, if I missed something, please let me know. > > — > Anand > Workday Data Lake > >
