GitHub user dimas-b edited a comment on the discussion: Security Concern: Vended Credentials as Bearer Tokens — Credential Delegation Violation & Workload Identity Binding
@RB-ETArch : > Whether the credential delegation pattern is a known, accepted limitation of > the current architecture This pattern is a feature of the Iceberg REST Catalog API. Polaris supports it for S3 systems by using STS for generating Session Tokens. Session Tokens are scoped down by the use case (read or write) to the most specific location Polaris can deduce (normally the table's base location). GitHub link: https://github.com/apache/polaris/discussions/3972#discussioncomment-16084016 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected]
