nandorKollar commented on code in PR #15272:
URL: https://github.com/apache/iceberg/pull/15272#discussion_r2787697336
##########
core/src/main/java/org/apache/iceberg/encryption/EncryptionUtil.java:
##########
@@ -53,8 +54,18 @@ public static KeyManagementClient
createKmsClient(Map<String, String> catalogPro
kmsType,
kmsImpl);
- // TODO: Add KMS implementations
- Preconditions.checkArgument(kmsType == null, "Unsupported KMS type: %s",
kmsType);
+ if (kmsType != null) {
+ kmsImpl =
+ switch (kmsType.toLowerCase(Locale.ROOT)) {
+ case CatalogProperties.ENCRYPTION_KMS_TYPE_AWS ->
+ CatalogProperties.ENCRYPTION_KMS_IMPL_AWS;
+ case CatalogProperties.ENCRYPTION_KMS_TYPE_AZURE ->
+ CatalogProperties.ENCRYPTION_KMS_IMPL_AZURE;
+ case CatalogProperties.ENCRYPTION_KMS_TYPE_GCP ->
+ CatalogProperties.ENCRYPTION_KMS_IMPL_GCP;
+ default -> throw new IllegalStateException("Unsupported KMS type:
" + kmsType);
+ };
Review Comment:
Would it make sense to make this pluggable? I've seen requests related to
for example Hashicorp Vault (#14451), a pluggable key manager could be
beneficial to integrate any 3rd party key management solution into Iceberg, as
long as there's a working client implementation for it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
