edmondop opened a new issue, #6422: URL: https://github.com/apache/arrow-rs/issues/6422
Credential process is a flexible solution for providing custom authentication mechanisms for object store. It is described as a part of the AWS SDK [documentation](https://docs.aws.amazon.com/sdkref/latest/guide/feature-process-credentials.html) and implementing it would allow more complex use cases to be fully supported by the current setup, without adding particular complexity. # How does it work? When user decides to use the credential process, when a client needs credentials it invokes the process, which replies with a defined schema like so: ```json { "Version": 1, "AccessKeyId": "an AWS access key", "SecretAccessKey": "your AWS secret access key", "SessionToken": "the AWS session token for temporary credentials", "Expiration": "RFC3339 timestamp for when the credentials expire" } ``` The client knows when the expiration will occur, and will re-invoke the process when required. # What can we do? We can then extend the [AmazonS3Builder](https://github.com/apache/arrow-rs/blob/master/object_store/src/aws/builder.rs#L421-L437) to support this use case via an environment variable -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
