adutra commented on code in PR #15112:
URL: https://github.com/apache/iceberg/pull/15112#discussion_r2718203949
##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -3442,13 +3488,19 @@ components:
- `s3.access-key-id`: id for credentials that provide access to the
data in S3
- `s3.secret-access-key`: secret for credentials that provide access
to data in S3
- `s3.session-token`: if present, this value should be used for as
the session token
- - `s3.remote-signing-enabled`: if `true` remote signing should be
performed as described in the `s3-signer-open-api.yaml` specification
+ - `s3.remote-signing-enabled`: if `true` remote signing should be
performed as described in the `RemoteSignRequest` schema section of this spec
document.
- `s3.cross-region-access-enabled`: if `true`, S3 Cross-Region bucket
access is enabled
## Storage Credentials
Credentials for ADLS / GCS / S3 / ... are provided through the
`storage-credentials` field.
Clients must first check whether the respective credentials exist in
the `storage-credentials` field before checking the `config` for credentials.
+
+ ## Remote Signing
+
+ If remote signing for a specific storage provider is enabled, clients
must respect the following configurations when creating a remote signer client:
+ - `signer.uri`: the base URI of the remote signer endpoint. Optional;
if absent, defaults to the catalog's base URI.
+ - `signer.endpoint`: the path of the remote signer endpoint.
Required. Should be concatenated with `signer.uri` to form the complete URI.
Review Comment:
Rephrased, lmk what you think!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
