MonkeyCanCode commented on code in PR #3493:
URL: https://github.com/apache/polaris/pull/3493#discussion_r2713406590
##########
polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsCredentialsStorageIntegration.java:
##########
@@ -299,9 +299,16 @@ private static void addKmsKeyPolicy(
String region,
String accountId) {
- IamStatement.Builder allowKms = buildBaseKmsStatement(canWrite);
boolean hasCurrentKey = kmsKeyArn != null;
boolean hasAllowedKeys = hasAllowedKmsKeys(allowedKmsKeys);
+ boolean isAwsS3 = region != null && accountId != null;
Review Comment:
That is correct. This is only for not include default RO KMS policy. For
deciding "AWS or not", I raised a dev mailing list and a different PR. For sure
using a new property will be most robust and less FP.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
