You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@iceberg.apache.org by GitBox <gi...@apache.org> on 2021/04/09 21:30:31 UTC
[GitHub] [iceberg] johnclara edited a comment on pull request #2444: Core: add API for table metadata file encryption
johnclara edited a comment on pull request #2444:
URL: https://github.com/apache/iceberg/pull/2444#issuecomment-816982342
How would you recommend storing the key materials associated with the metadata file? (for example the kmsid of the key used to encrypt the TableMetadata file?)
I was thinking one option would be along side the TableMetadata location within the external metastore for the active snapshot, and then within the TableMetadata for previous snapshots?
For instance my team uses DynamoDB as an external catalog with schema:
`icebergTableName, metadataLocation`
We could add another column:
`icebergTableName, metadataLocation, keyMaterials`
For loading the current snapshot of the table, we could use the key materials within the external metastore to read the TableMetadata file.
In order to look at previous snapshots, the keyMaterials could be stored along side the metadataLocation in the previous snapshots section of the TableMetadata file.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@iceberg.apache.org
For additional commands, e-mail: issues-help@iceberg.apache.org