iceberg icon indicating copy to clipboard operation
iceberg copied to clipboard

Published 20 hours ago verified publisher icon apache

Iceberg REST Spec Extensions for Access Decision Exchange

Open jackye1995 opened this issue 8 months ago • 0 comments

Proposed Change

Devlist Discussion: https://lists.apache.org/thread/4swop72zgcr8rrmwvb51rlk0vnb8joyz

Data access control is a critical aspect for data warehouse and lake house systems to ensure data security, privacy, and legal compliance. It is a key part of the broad data governance story in a multi-cloud multi-engine environment. This document proposes a series of Iceberg spec extensions (in REST and view spec) to enable the exchange of data access decisions between catalog and engine, so that there is centralized authorization policy configuration and decision-making in catalog, and standardized access decision engine enforcement.

https://docs.google.com/document/d/14nmuxxfzQsYo59o0Fbpb-pxOlzS6bVtduL8P8pwKZ6U/edit

Proposal document

No response

Specifications

  • [X] Table
  • [X] View
  • [X] REST
  • [ ] Puffin
  • [ ] Encryption
  • [ ] Other

jackye1995 avatar May 29 '24 16:05 jackye1995