leekeiabstraction commented on PR #1245: URL: https://github.com/apache/fluss/pull/1245#issuecomment-3591558825
Hey @michaelkoepf > so i suggest, if it is possible to leave the credential providers in place, we put a warning in the docs that short-term credentials should be preferred if possible. wdyt based on your experience with hadoop aws in other projects? I've not used TD in the past so taking my time to understand the scenarios here. Warning in logs and also documentation seems sensible to me but before recommending that, I'd like to understand the fuller picture as there are a few components that I do not have context on: MinIO and when/where configurations are defined. Can you elaborate the following? Happy to sync on huddle S3 ||Coordinator Server|Tablet Server|Client|Current client experience|Intended client experience after this PR| |-|-|-|-|-|-| |Token Delegation Enabled?|true|true|true|Session delegation token requested by client from STS?|Session delegation token requested by client from STS?| |Token Delegation Enabled?|true|true|false|?|We're discussing this| |Token Delegation Enabled?|false|false|false|N/A token delegation cannot be disabled|?| |Token Delegation Enabled?|false|false|true|N/A token delegation cannot be disabled|?| MinIO ||Coordinator Server|Tablet Server|Client|Current client experience|Intended client experience after this PR| |-|-|-|-|-|-| |Token Delegation Enabled?|true|true|true|?|?| |Token Delegation Enabled?|true|true|false|?|We're discussing this| |Token Delegation Enabled?|false|false|false|N/A token delegation cannot be disabled|?| |Token Delegation Enabled?|false|false|true|N/A token delegation cannot be disabled|?| -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
