XJDKC commented on PR #1899:
URL: https://github.com/apache/polaris/pull/1899#issuecomment-3049624280
Update from slack:
We may lean to remove the Entity Transformation System but inject service
identity directly.
We have three possible injection points:
* **Option 1**: Persist only a reference (i.e. URN) and resolve the full
identity via a lookup interface at service layer
* **Option 2**: Persist only a reference (i.e. URN) and resolve the full
identity via a lookup interface at persistence layer
* **Option 3**: Persist both the reference and user-facing identity fields
(userArn) in the persistence layer for convenience or performance.
```
CatalogEntity ServiceIdentityProvider::assignOnCatalogLoad(CatalogEntity
entity);
CatalogEntity ServiceIdentityProvider::assignOnCatalogPersist(CatalogEntity
entity);
CatalogEntity ServiceIdentityProvider::assignOnServiceLayer(CatalogEntity
entity);
```
Also we are still discussing the shape of the `ConnectionConfigInfoDpo`
```
{
"connectionConfigInfoDpo": {
"authenticationParametersDpo": { /* ... */ },
"serviceIdentityDpo": {
"type": "AWS_IAM",
"serviceArn": null, // we can choose to not persist this info in
metastore, but keep this field to make option 2 and 3 possible
"serviceInfoAuthLocatorUrn":
"urn:polaris-service-identities:realm-id:catalog-id:connection"
}
},
}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
