XJDKC commented on code in PR #1506:
URL: https://github.com/apache/polaris/pull/1506#discussion_r2072024231
##########
spec/polaris-management-service.yml:
##########
@@ -938,6 +940,34 @@ components:
format: password
description: Bearer token (input-only)
+ SigV4AuthenticationParameters:
Review Comment:
STS is a global service, so the region is not required. But STS does have
regional endpoint, for the requests to the global endpoint, sdk will
automatically send to regional endpoint: [AWS STS Regions and
endpoints](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_region-endpoints.html)
> AWS has made changes to the AWS Security Token Service (AWS STS) global
endpoint (https://sts.amazonaws.com) in Regions [enabled by
default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html)
to enhance its resiliency and performance. AWS STS requests to the global
endpoint are automatically served in the same AWS Region as your workloads.
These changes will not be deployed to opt-in Regions. We recommend that you use
the appropriate AWS STS regional endpoints. For more information, see [AWS STS
global endpoint
changes](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_region-endpoints.html#reference_sts_global_endpoint_changes).
But to sign a request, we need to provide the region info, this is because
we want to access a regional service like AWS Glue in `us-west-2`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
