alamb commented on issue #6422: URL: https://github.com/apache/arrow-rs/issues/6422#issuecomment-2372026835
For additional context see https://github.com/apache/arrow-rs/issues/5143. Copying some of the info here: I think the usecase this feature would support is 1. User uses object_store indirectly via `polars` 2. `polars` does not provide any way to modify / configure s3 connections at runtime Since the users don't control the pola.rs source or distribution, they can not use the existing object_store [`CredentialProvider`](https://docs.rs/object_store/latest/object_store/trait.CredentialProvider.html) trait. The proposal on this ticket is to add an mechanism that can call out to an external program / process to get credentials. While less efficient this would allow someone to plug in whatever authentication mechanism they wanted without having to change the source code @tustvold notes that we need to ensure this type of mechanism does not compromise system security (e.g. perhaps it has to be enabled by deafult Also, he mentioned that the Azure client has something similar -- [`MicrosoftAzureBuilder::with_use_azure_cli`](https://docs.rs/object_store/latest/object_store/azure/struct.MicrosoftAzureBuilder.html#method.with_use_azure_cli) that we could use as a model -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
