lefebsy commented on code in PR #389:
URL: https://github.com/apache/polaris/pull/389#discussion_r1813196246
##########
spec/polaris-management-service.yml:
##########
@@ -901,6 +903,58 @@ components:
required:
- roleArn
+ S3StorageConfigInfo:
+ type: object
+ description: S3 compatible storage configuration info (MinIO, Dell ECS,
Netapp StorageGRID, ...)
+ allOf:
+ - $ref: '#/components/schemas/StorageConfigInfo'
+ properties:
+ credsCatalogAndClientStrategy:
+ type: string
+ enum:
+ - VALUE
+ - ENV_VAR_NAME
+ default: ENV_VAR_NAME
+ example: "ACCESS_KEY"
+ description: When you send key VALUE directly via this command, they
should apear in logs. By ENV_VAR_NAME without dollar, only a reference will
appear in logs, but the value have to be available as environnement variable in
the context where Polaris is running
+ credsVendingStrategy:
+ type: string
+ enum:
+ - TOKEN_WITH_ASSUME_ROLE
+ - KEYS_SAME_AS_CATALOG
+ - KEYS_DEDICATED_TO_CLIENT
+ default: TOKEN_WITH_ASSUME_ROLE
+ description: The catalog strategy to vend credentials to client.
Options possible are same keys than catalog, keys dedicated to clients, or
Tokens with STS methods 'assumeRole' for Dell ECS or NetApp StorageGrid
solution, 'truc' for MinIo solution)
Review Comment:
Sorry, typo.
I have forget to delete the end of the sentence.
( I was thinking to list possible other MinIO supported functions who could
be implemented
https://min.io/docs/minio/linux/developers/security-token-service.html?ref=docs-redirect#id1
- AssumeRoleWithWebIdentity for OIDC external identity provider
- AssumeRoleWithLDAPIdentity for LDAP
- ...
)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
