roryqi commented on PR #10732: URL: https://github.com/apache/gravitino/pull/10732#issuecomment-4241763053
> > Yes, we could always start with one KMS for simplicity. KMS may be like MySQL, we only need a kind of storage, although we can deploy in multiple clouds. Gravitino server in AWS may use AWS Secrets Manager, Gravitino on-premise may use HashiCorp Vault. Do we need users to know which kms they are using? > > Agreed. > > And for "Do we need users to know which KMS they are using?" > > Yes, it's better if users know which KMS is configured. This makes it easier for them to onboard keys or obtain necessary access. We might need to add an admin/settings section in the Gravitino UI to display the KMS configuration (at least the service details), though this admin/settings kind of section doesn't currently exist in the UI. Admin should know that but we shouldn't expose it to normal users. Normal users won't care about which database we used. Normal users won't care about which KMS we used. Admin can know the KMS kind by reading the configurations. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
