Iceberg REST Spec Extensions for Access Decision Exchange

[jackye1995]

Proposed Change

Devlist Discussion: https://lists.apache.org/thread/4swop72zgcr8rrmwvb51rlk0vnb8joyz

Data access control is a critical aspect for data warehouse and lake house systems to ensure data security, privacy, and legal compliance. It is a key part of the broad data governance story in a multi-cloud multi-engine environment. This document proposes a series of Iceberg spec extensions (in REST and view spec) to enable the exchange of data access decisions between catalog and engine, so that there is centralized authorization policy configuration and decision-making in catalog, and standardized access decision engine enforcement.

https://docs.google.com/document/d/14nmuxxfzQsYo59o0Fbpb-pxOlzS6bVtduL8P8pwKZ6U/edit

Proposal document

No response

Specifications

• Table
• View
• REST
• Puffin
• Encryption
• Other

[github-actions]

This issue has been automatically marked as stale because it has been open for 180 days with no activity. It will be closed in next 14 days if no further activity occurs. To permanently prevent this issue from being considered stale, add the label 'not-stale', but commenting on the issue is preferred when possible.

[github-actions]

This issue has been closed because it has not received any activity in the last 14 days since being marked as 'stale'

[kulte]

Is this really not planned now officially, or is this a github-actions stale automation?