Fix doc to remove privileges may take up to one hour to take effect and add Policy to securable object#2009
Merged
dimas-b merged 3 commits intoapache:mainfrom Jul 25, 2025
Merged
Conversation
…nd add Policy to securable object
There was a problem hiding this comment.
Pull Request Overview
This PR updates the access control documentation to remove an outdated note about privilege propagation delay and to include Policy in the list of securable objects.
- Removed the misleading one-hour delay note for privilege updates.
- Added
Policyto the securable objects list.
Comments suppressed due to low confidence (1)
site/content/in-dev/unreleased/access-control.md:74
- [nitpick] It may be helpful to add a positive note clarifying that privilege changes now take effect immediately, so users know what to expect.
principals.
Comment on lines
43
to
+46
| - Namespace | ||
| - Iceberg table | ||
| - View | ||
| - Policy |
There was a problem hiding this comment.
[nitpick] Consider sorting the list of securable objects alphabetically to maintain consistency (e.g., Iceberg table, Namespace, Policy, View).
Suggested change
| - Namespace | |
| - Iceberg table | |
| - View | |
| - Policy | |
| - Iceberg table | |
| - Namespace | |
| - Policy | |
| - View |
eric-maynard
previously approved these changes
Jul 9, 2025
github-project-automation
bot
moved this from PRs In Progress
to Ready to merge
in Basic Kanban Board
Contributor
|
Hey @cgpoh, can you take a look at the conflicts? |
Contributor
Author
|
Thanks @eric-maynard , I've resolved the conflicts. |
eric-maynard
approved these changes
Jul 23, 2025
github-project-automation
bot
moved this from Ready to merge
to Done
in Basic Kanban Board
github-project-automation
bot
moved this from Done
to PRs In Progress
in Basic Kanban Board
dimas-b
approved these changes
Jul 25, 2025
github-project-automation
bot
moved this from PRs In Progress
to Ready to merge
in Basic Kanban Board
github-project-automation
bot
moved this from Ready to merge
to Done
in Basic Kanban Board
Contributor
|
Thanks for your contribution, @cgpoh ! |
Contributor
Author
|
Thanks @eric-maynard , @dimas-b! |
snazy
added a commit
to snazy/polaris
that referenced
this pull request
Nov 20, 2025
* fix(deps): update dependency com.google.errorprone:error_prone_core to v2.41.0 (apache#2181) * Simplify bootstrapServiceAndCreatePolarisPrincipalForRealm (apache#2172) this is a small follow-up to 5faa371 because the same pattern existed for this method. note that we do some minor additional "formatting" changes to minimize the diff between the two files (as they were originally copy pasted). this could lead to having a common base class in the future. * fix(deps): update dependency boto3 to v1.39.13 (apache#2182) * Add podman support (apache#2143) * Add Polaris Community Meeting 2025-07-24 (apache#2184) * fix(deps): update dependency com.adobe.testing:s3mock-testcontainers to v4.7.0 (apache#2185) * Push AccessConfig creation to PolarisStorageIntegration (apache#2171) This refactoring does not change Polaris behaviour. * Move storage-specific access properties processing logic from core code to storage integration implementations. * Add `isExpirationTimestamp` flag to `StorageAccessProperty` to allow them to be processed uniformly. * Prepare for supporting access config properties that may have different values in Polaris Servers and Clients. This enables future enhancements to support different S3 endpoint DNS names in servers and clients for apache#1530 * Fix doc to remove privileges may take up to one hour to take effect and add Policy to securable object (apache#2009) * fix(deps): update dependency boto3 to v1.39.14 (apache#2186) * chore(deps): update plugin jetbrains-changelog to v2.3.0 (apache#2187) * fix(deps): update dependency software.amazon.awssdk:bom to v2.32.9 (apache#2191) * Add Principal lookup helpers to PolarisMetaStoreManager (apache#2174) `PolarisMetaStoreManager.readEntityByName` is quite a low-level api, so we can simplify a lot of callers with additional helpers: - add `PolarisMetaStoreManager.findRootPrincipal` - add `PolarisMetaStoreManager.findPrincipalByName` - add `PolarisMetaStoreManager.findPrincipalRoleByName` also we now prefer `PolarisEntityConstants` where applicable * Remove PolarisDiagnostics from json utils (apache#2176) With transitive cleanups of, PolarisStorageConfigurationInfo, ConnectionConfigInfoDpo, BaseMetaStoreManager, PolarisObjectMapperUtil, CurrentContext * Fix Namespace resolution on grant/revoke privilege operations (apache#2170) * Fix Namespace resolution on grant/revoke privilege operations * Move isFullyResolvedNamespace to PolarisResolvedPathWrapper * fix(deps): update dependency boto3 to v1.39.15 (apache#2199) * fix(deps): update dependency com.google.cloud:google-cloud-storage-bom to v2.54.0 (apache#2200) * fix(deps): update dependency boto3 to v1.39.16 (apache#2209) * chore(deps): update actions/stale digest to a92fd57 (apache#2208) * fix(deps): update quarkus platform and group to v3.25.0 (apache#2167) * NoSQL updates * Last merged commit 914be46 --------- Co-authored-by: Mend Renovate <[email protected]> Co-authored-by: Christopher Lambert <[email protected]> Co-authored-by: Yong Zheng <[email protected]> Co-authored-by: JB Onofré <[email protected]> Co-authored-by: Dmitri Bourlatchkov <[email protected]> Co-authored-by: CG <[email protected]> Co-authored-by: Pooja Nilangekar <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Minor update for the access control doc:
Remove the misleading section on privileges granted may take up to one hour to take effect. I've tested granting the privileges and confirmed that the privileges granted take effect instantly.
Add
Policyto the list of securable objects