lefebsy commented on PR #389: URL: https://github.com/apache/polaris/pull/389#issuecomment-2428877476
Hello, For reviewers, I have a security concern about this proposition of implementation. - The configurationStorage is communicated and displayed everywhere in Polaris : logs, createCatalog response, getCatalog response... - This configuration store not a simple role_arn but also secret_keys. It should be possible to filter the sensible data in the logs and in the responses. I have not find by myself the best place in code to do this. Maybe it could be also intersting for other storage types to be able to mask some sensible properties. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
