openinx commented on PR #14443: URL: https://github.com/apache/iceberg/pull/14443#issuecomment-3605223709
Hi @zhaoyunjiong , Basically I understand your idea, we want to use the customized credentials provider to automatically get the temporary credentials, rather than configuring the static credentials inside the iceberg table properties (which is not safe). Then is it possible to follow the `iceberg-aws` module that we've already did, which means introducing a separate table properties to specify the credentials provider that you want to configure. Please see the `iceberg-aws` code here: https://github.com/apache/iceberg/blob/fb0af7e5fcb45fe69a80ae8cb11208fb7b36a956/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java#L60 And with this, you can configure what kind of credentials provider implementation that you want. https://github.com/apache/iceberg/blob/fb0af7e5fcb45fe69a80ae8cb11208fb7b36a956/aws/src/main/java/org/apache/iceberg/aws/AwsClientProperties.java#L211-L235 And another key question from my side is: How do we gurantee the credential expiration won't interrupt the long-running job ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
