Smallrye nessie catalog service s3 default options
Default bucket configuration, default/fallback values for all buckets are taken from this one.
| Property | Default Value | Type | Description |
|---|---|---|---|
nessie.catalog.service.s3.default-options.default-options.name | string | The name of the bucket. If unset, the name of the bucket will be extracted from the configuration option, e.g. if nessie.catalog.service.s3.bucket1.name=my-bucket is set, the bucket name will be my-bucket; otherwise, it will be bucket1. This should only be defined if the bucket name contains non-alphanumeric characters, such as dots or dashes. | |
nessie.catalog.service.s3.default-options.default-options.server-auth-mode | APPLICATION_GLOBAL, STATIC | The authentication mode to use by the Catalog server. If not set, the default is STATIC . Depending on the authentication mode, other properties may be required. Valid values are: * APPLICATION_GLOBAL: Use the AWSSDK default credentials provider . * STATIC: Static credentials provided through the access-key option. | |
nessie.catalog.service.s3.default-options.default-options.client-auth-mode | REQUEST_SIGNING, ASSUME_ROLE | Controls the authentication mode for Catalog clients accessing this bucket. If not set, the default is REQUEST_SIGNING. | |
nessie.catalog.service.s3.default-options.default-options.endpoint | uri | Endpoint URI, required for private (non-AWS) clouds, specified either per bucket or in the top-level S3 settings. If the endpoint URIs for the Nessie server and clients differ, this one defines the endpoint used for the Nessie server. | |
nessie.catalog.service.s3.default-options.default-options.external-endpoint | uri | When using a specific endpoint (endpoint) and the endpoint URIs for the Nessie server differ, you can specify the URI passed down to clients using this setting. Otherwise, clients will receive the value from the endpoint setting. | |
nessie.catalog.service.s3.default-options.default-options.path-style-access | boolean | Whether to use path-style access. If true, path-style access will be used, as in: https://<domain>/<bucket> . If false, a virtual-hosted style will be used instead, as in: https://<bucket>.<domain>. If unspecified, the default will depend on the cloud provider. | |
nessie.catalog.service.s3.default-options.default-options.access-point | string | AWS Access point for this bucket. Access points can be used to perform S3 operations by specifying a mapping of bucket to access points. This is useful for multi-region access, cross-region access, disaster recovery, etc. See: Access Points | |
nessie.catalog.service.s3.default-options.default-options.allow-cross-region-access-point | boolean | Authorize cross-region calls when contacting an access-point. By default, attempting to use an access point in a different region will throw an exception. When enabled, this property allows using access points in other regions. | |
nessie.catalog.service.s3.default-options.default-options.region | string | DNS name of the region, required for AWS. The region must be specified for AWS, either per bucket or in the top-level S3 settings. | |
nessie.catalog.service.s3.default-options.default-options.access-key | `` | An access-key-id and secret-access-key must be configured using the name and secret fields, either per bucket or in the top-level S3 settings. Required when server-authentication-mode is STATIC. For STS, this defines the Access Key ID and Secret Key ID to be used as a basic credential for obtaining temporary session credentials. | |
nessie.catalog.service.s3.default-options.default-options.access-key.name | string | ||
nessie.catalog.service.s3.default-options.default-options.access-key.secret | string | ||
nessie.catalog.service.s3.default-options.default-options.sts-endpoint | uri | The Security Token Service endpoint. This parameter must be set when running in a private (non-AWS) cloud and the catalog is configured to use S3 sessions (e.g. to use the “assume role” functionality). | |
nessie.catalog.service.s3.default-options.default-options.assume-role | string | The ARN of the role to assume for accessing S3 data. This parameter is required for Amazon S3, but may not be required for other storage providers (e.g. Minio does not use it at all). If this option is defined, the server will attempt to assume the role at startup and cache the returned session credentials. | |
nessie.catalog.service.s3.default-options.default-options.session-iam-policy | string | IAM policy in JSON format to be used as an inline session policy (optional). See: AssumeRoleRequest#policy() | |
nessie.catalog.service.s3.default-options.default-options.role-session-name | string | An identifier for the assumed role session. This parameter is most important in cases when the same role is assumed by different principals in different use cases. See: AssumeRoleRequest#roleSessionName() | |
nessie.catalog.service.s3.default-options.default-options.external-id | string | An identifier for the party assuming the role. This parameter must match the external ID configured in IAM rules that govern the assume role process for the specified role-arn. This parameter is essential in preventing the Confused Deputy problem. See: AssumeRoleRequest#externalId() | |
nessie.catalog.service.s3.default-options.default-options.client-session-duration | duration | A higher bound estimate of the expected duration of client “sessions” working with data in this bucket. A session, for example, is the lifetime of an Iceberg REST catalog object on the client side. This value is used for validating expiration times of credentials associated with the warehouse. This parameter is relevant only when client-authentication-mode is ASSUME_ROLE . |