dimas-b commented on code in PR #1506:
URL: https://github.com/apache/polaris/pull/1506#discussion_r2071733349
##########
spec/polaris-management-service.yml:
##########
@@ -938,6 +940,34 @@ components:
format: password
description: Bearer token (input-only)
+ SigV4AuthenticationParameters:
+ type: object
+ description: AWS Signature Version 4 authentication
+ allOf:
+ - $ref: '#/components/schemas/AuthenticationParameters'
+ properties:
+ roleArn:
+ type: string
+ description: The aws IAM role arn assume when signing requests
Review Comment:
To clarify my point on naming: indeed, the actual authentication mechanism
on the wire is going to be SigV4, however, the user-facing configuration and
requirements involve STS and role assumption. This is more specific than SigV4.
In other words, users who configure this authentication method have to be aware
of STS and roles. The basic inputs into SigV4 are ID/secret/session-token, but
this auth config is higher level.
Therefore, from my POV using a name that highlights reliance on higher-level
concepts like STS would be beneficial and provide clarity to users.
I do not feel too strongly about this, though :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
