+1 (non-binding) Christian Thiel <christ...@hansetag.com.invalid> 于2024年10月23日周三 08:22写道:
> +1 (non-binding). Great feature, thanks! > ------------------------------ > *Von:* Amogh Jahagirdar <2am...@gmail.com> > *Gesendet:* Tuesday, October 22, 2024 8:00:00 PM > *An:* dev@iceberg.apache.org <dev@iceberg.apache.org> > *Betreff:* Re: [VOTE] Endpoint for refreshing vended credentials > > +1 (binding) > > On Tue, Oct 22, 2024 at 5:20 PM rdb...@gmail.com <rdb...@gmail.com> wrote: > > +1 (binding) > > Thanks for your work on this! > > On Tue, Oct 22, 2024 at 2:47 PM Prashant Singh <prashant010...@gmail.com> > wrote: > > +1 (non-binding) > > Regards, > Prashant > > On Tue, Oct 22, 2024 at 10:50 AM John Zhuge <jzh...@apache.org> wrote: > > +1 (non-binding) > > John Zhuge > > > On Tue, Oct 22, 2024 at 9:45 AM Jack Ye <yezhao...@gmail.com> wrote: > > +1 (binding) > > Best, > Jack Ye > > On Tue, Oct 22, 2024 at 9:32 AM Dmitri Bourlatchkov > <dmitri.bourlatch...@dremio.com.invalid> wrote: > > Thanks for the reply Eduard! > > I think it is fine to defer fine-tuning credential refreshes to a later PR. > > I'm upgrading my vote to +1 (non-binding). > > Cheers, > Dmitri. > > On Tue, Oct 22, 2024 at 11:11 AM Eduard Tudenhöfner < > etudenhoef...@apache.org> wrote: > > Hey Dmitri, > > the idea behind the endpoint itself is really just to provide *valid* > credentials for a given table when a client asks for them. > If the server returned you two S3 credentials, the client will use the one > with the longest prefix and if that credential expires, it will ask the > server again for *valid* credentials. > That means the server can again return you two S3 credentials, even if > that second unused credential from the previous endpoint call didn't expire > yet. > I don't think we'd want to complicate the endpoint *at this point* to > have a differentiation between what specific credentials a client wants to > receive from the server. > > Thanks, > Eduard > > On Mon, Oct 21, 2024 at 6:36 PM Dmitri Bourlatchkov > <dmitri.bourlatch...@dremio.com.invalid> wrote: > > -0 (non-binding) > > If multiple credentials are vended for a table (which is allowed) the > current API requires all credentials to be refreshed, when any of the > previous credentials expires. I think this is suboptimal (but can probably > be made to work in most practical cases). > > Cheers, > Dmitri. > > On Mon, Oct 21, 2024 at 6:07 AM Eduard Tudenhöfner < > etudenhoef...@apache.org> wrote: > > Hey everyone, > > I'd like to vote on #11281 <https://github.com/apache/iceberg/pull/11281>, > which introduces a new endpoint and allows > retrieving/refreshing vended credentials for a given table. > > Please vote +1 if you generally agree with the path forward. > > Please vote in the next 72 hours > > [ ] +1, commit the proposed spec changes > [ ] -0 > [ ] -1, do not make these changes because . . . > > > Thanks everyone, > > Eduard > >
