[
https://issues.apache.org/jira/browse/FLINK-38516?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Rosa Seohwa Kang updated FLINK-38516:
-------------------------------------
Description:
The Flink SQL Gateway currently lacks native support for read-only mode to
restrict
[[ModifyOperations|https://github.com/apache/flink/blob/master/flink-table/flink-table-api-java/src/main/java/org/apache/flink/table/operations/ModifyOperation.java]]]
(e.g., {{{}INSERT{}}}, {{{}DELETE{}}}). This is needed as it allows ad-hoc
querying on shared session clusters without risk of data modification.
*Proposed Solution:* Add a configuration parameter {{sql-gateway.read-only:
true}} that rejects SQL statements attempting to modify data or schema,
returning clear error messages to users.
!image-2025-10-14-10-23-57-501.png!
*Use Case:* Enable safe SQL access for analytics and exploration across broad
user groups without risk of accidental or malicious destructive operations.
was:
The Flink SQL Gateway currently lacks native support for read-only mode to
restrict
[[ModifyOperations|https://github.com/apache/flink/blob/master/flink-table/flink-table-api-java/src/main/java/org/apache/flink/table/operations/ModifyOperation.java]|https://github.com/apache/flink/blob/master/flink-table/flink-table-api-java/src/main/java/org/apache/flink/table/operations/ModifyOperation.java]]
(e.g., {{{}INSERT{}}}, {{{}DELETE{}}}). This is needed for providing users
ad-hoc query access to shared session clusters for flinksql querying such that
data modification is prevented.
*Proposed Solution:* Add a configuration parameter {{sql-gateway.read-only:
true}} that rejects SQL statements attempting to modify data or schema,
returning clear error messages to users.
!image-2025-10-14-10-23-57-501.png!
*Use Case:* Enable safe SQL access for analytics and exploration across broad
user groups without risk of accidental or malicious destructive operations.
> Add Configuration Option to Enable Read-Only Mode for Flink SQL Gateway
> -----------------------------------------------------------------------
>
> Key: FLINK-38516
> URL: https://issues.apache.org/jira/browse/FLINK-38516
> Project: Flink
> Issue Type: Improvement
> Components: Table SQL / Gateway
> Affects Versions: 2.1.0
> Reporter: Rosa Seohwa Kang
> Priority: Minor
> Labels: pull-request-available
> Fix For: 2.2.0
>
> Attachments: image-2025-10-14-10-23-57-501.png
>
>
> The Flink SQL Gateway currently lacks native support for read-only mode to
> restrict
> [[ModifyOperations|https://github.com/apache/flink/blob/master/flink-table/flink-table-api-java/src/main/java/org/apache/flink/table/operations/ModifyOperation.java]]]
> (e.g., {{{}INSERT{}}}, {{{}DELETE{}}}). This is needed as it allows ad-hoc
> querying on shared session clusters without risk of data modification.
>
> *Proposed Solution:* Add a configuration parameter {{sql-gateway.read-only:
> true}} that rejects SQL statements attempting to modify data or schema,
> returning clear error messages to users.
> !image-2025-10-14-10-23-57-501.png!
> *Use Case:* Enable safe SQL access for analytics and exploration across broad
> user groups without risk of accidental or malicious destructive operations.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
