danielcweeks commented on code in PR #10722:
URL: https://github.com/apache/iceberg/pull/10722#discussion_r1757295238
##########
open-api/rest-catalog-open-api.yaml:
##########
@@ -3103,6 +3103,79 @@ components:
uuid:
type: string
+ ADLSCredentials:
+ type: object
+ allOf:
+ - $ref: '#/components/schemas/Credentials'
+ required:
+ - type
+ - sas-token
Review Comment:
I would agree with this and also state that we should never pass
non-expiring credentials through this interface as it would be very dangerous
from a security posture to expose unbounded credentials. This means we should
also require session token for AWS.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
