dimas-b commented on code in PR #1478: URL: https://github.com/apache/polaris/pull/1478#discussion_r2069595771
########## site/content/in-dev/unreleased/realm.md: ########## @@ -0,0 +1,61 @@ +--- +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +Title: Entities +type: docs +weight: 400 +--- + +This page explains what a realm is and what it is used for in Polaris. + +### What is it? + +A realm in Polaris serves as logical partitioning mechanism within the catalog system. This isolation allows for multitenancy, enabling different teams, environment or organizations to operate independently within the same Polaris deployment. + +### Key Characteristics + +**Isolation:** Each realm encapsulates its own set of resources, ensuring that operations, security breaches or policies in one realm do not affect others. Review Comment: I'd exclude `security breaches` from this statement... It's a very strong claim. ########## site/content/in-dev/unreleased/realm.md: ########## @@ -0,0 +1,61 @@ +--- +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +Title: Entities +type: docs +weight: 400 +--- + +This page explains what a realm is and what it is used for in Polaris. + +### What is it? + +A realm in Polaris serves as logical partitioning mechanism within the catalog system. This isolation allows for multitenancy, enabling different teams, environment or organizations to operate independently within the same Polaris deployment. + +### Key Characteristics + +**Isolation:** Each realm encapsulates its own set of resources, ensuring that operations, security breaches or policies in one realm do not affect others. + +**Authentication Context:** When configuring Polaris, credentials are associated with a specific realm. This allows for the separation of security concerns across different realms. Review Comment: I'd say "Pricipals' credentials" to be more precise. There are also storage credentials, which can be shared across realms ATM. ########## site/content/in-dev/unreleased/realm.md: ########## @@ -0,0 +1,61 @@ +--- +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +Title: Entities +type: docs +weight: 400 +--- + +This page explains what a realm is and what it is used for in Polaris. + +### What is it? + +A realm in Polaris serves as logical partitioning mechanism within the catalog system. This isolation allows for multitenancy, enabling different teams, environment or organizations to operate independently within the same Polaris deployment. + +### Key Characteristics + +**Isolation:** Each realm encapsulates its own set of resources, ensuring that operations, security breaches or policies in one realm do not affect others. + +**Authentication Context:** When configuring Polaris, credentials are associated with a specific realm. This allows for the separation of security concerns across different realms. + +For example: + +`./gradlesw run -Dpolaris.bootstrap.credentials=POLARIS,root,secret +` +In this case POLARIS is the realm, root is the clientID and secret is the client secret. + +**ConfigurationScope:** Realm identifiers are used in various configurations, such as database paths: + +For example: + +`jdbc:h2:file:./build/test_data/polaris/{realm}/db +` +This ensures that each realm's data is stored separately. + +### How is it used in the system? Review Comment: Please add `**Persistence:** Some implementations of Polaris Persistence may use realm IDs in primary keys for Polaris data`. I believe it is important to inform uses of this aspect. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@polaris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
