collado-mike commented on PR #1424: URL: https://github.com/apache/polaris/pull/1424#issuecomment-2835963436
The typical pattern is to use a single KMS master key to encrypt all files for a table. Each file will be encrypted with a different data encryption key, but the master key is typically the same. The way I propose to model this is to explicitly assign a KMS master key to each table - if it changes, we can add list of secondary keys - so that the policy explicitly grants encrypt/decrypt privileges using only the specified KMS key(s). Additionally, include the S3 path(s) as the encryption context so that the master key can only be used to decrypt data within the specified subpath. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@polaris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
