diff --git a/mkdocs/docs/configuration.md b/mkdocs/docs/configuration.md index 8302f355f..9455c3e8d 100644 --- a/mkdocs/docs/configuration.md +++ b/mkdocs/docs/configuration.md @@ -107,7 +107,7 @@ For the FileIO there are several configuration options available: | s3.access-key-id | admin | Configure the static access key id used to access the FileIO. | | s3.secret-access-key | password | Configure the static secret access key used to access the FileIO. | | s3.session-token | AQoDYXdzEJr... | Configure the static session token used to access the FileIO. | -| s3.session-name | session | An optional identifier for the assumed role session. | +| s3.role-session-name | session | An optional identifier for the assumed role session. | | s3.role-arn | arn:aws:... | AWS Role ARN. If provided instead of access_key and secret_key, temporary credentials will be fetched by assuming this role. | | s3.signer | bearer | Configure the signature version of the FileIO. | | s3.signer.uri | | Configure the remote signing uri if it differs from the catalog uri. Remote signing is only implemented for `FsspecFileIO`. The final request is sent to `/`. | @@ -440,6 +440,8 @@ configures the AWS credentials for both Glue Catalog and S3 FileIO. | client.access-key-id | admin | Configure the static access key id used to access both the Glue/DynamoDB Catalog and the S3 FileIO | | client.secret-access-key | password | Configure the static secret access key used to access both the Glue/DynamoDB Catalog and the S3 FileIO | | client.session-token | AQoDYXdzEJr... | Configure the static session token used to access both the Glue/DynamoDB Catalog and the S3 FileIO | +| client.role-session-name | session | An optional identifier for the assumed role session. | +| client.role-arn | arn:aws:... | AWS Role ARN. If provided instead of access_key and secret_key, temporary credentials will be fetched by assuming this role. | diff --git a/pyiceberg/io/__init__.py b/pyiceberg/io/__init__.py index 5aded82d7..3769c3194 100644 --- a/pyiceberg/io/__init__.py +++ b/pyiceberg/io/__init__.py @@ -60,8 +60,8 @@ AWS_ACCESS_KEY_ID = "client.access-key-id" AWS_SECRET_ACCESS_KEY = "client.secret-access-key" AWS_SESSION_TOKEN = "client.session-token" -AWS_ROLE_ARN = "aws.role-arn" -AWS_SESSION_NAME = "aws.session-name" +AWS_ROLE_ARN = "client.role-arn" +AWS_ROLE_SESSION_NAME = "client.role-session-name" S3_ENDPOINT = "s3.endpoint" S3_ACCESS_KEY_ID = "s3.access-key-id" S3_SECRET_ACCESS_KEY = "s3.secret-access-key" @@ -73,7 +73,7 @@ S3_SIGNER_ENDPOINT = "s3.signer.endpoint" S3_SIGNER_ENDPOINT_DEFAULT = "v1/aws/s3/sign" S3_ROLE_ARN = "s3.role-arn" -S3_SESSION_NAME = "s3.session-name" +S3_ROLE_SESSION_NAME = "s3.role-session-name" HDFS_HOST = "hdfs.host" HDFS_PORT = "hdfs.port" HDFS_USER = "hdfs.user" diff --git a/pyiceberg/io/pyarrow.py b/pyiceberg/io/pyarrow.py index 52a2756a3..9ab198106 100644 --- a/pyiceberg/io/pyarrow.py +++ b/pyiceberg/io/pyarrow.py @@ -86,8 +86,8 @@ AWS_ACCESS_KEY_ID, AWS_REGION, AWS_ROLE_ARN, + AWS_ROLE_SESSION_NAME, AWS_SECRET_ACCESS_KEY, - AWS_SESSION_NAME, AWS_SESSION_TOKEN, GCS_DEFAULT_LOCATION, GCS_ENDPOINT, @@ -105,8 +105,8 @@ S3_PROXY_URI, S3_REGION, S3_ROLE_ARN, + S3_ROLE_SESSION_NAME, S3_SECRET_ACCESS_KEY, - S3_SESSION_NAME, S3_SESSION_TOKEN, FileIO, InputFile, @@ -370,7 +370,7 @@ def _initialize_fs(self, scheme: str, netloc: Optional[str] = None) -> FileSyste if role_arn := get_first_property_value(self.properties, S3_ROLE_ARN, AWS_ROLE_ARN): client_kwargs["role_arn"] = role_arn - if session_name := get_first_property_value(self.properties, S3_SESSION_NAME, AWS_SESSION_NAME): + if session_name := get_first_property_value(self.properties, S3_ROLE_SESSION_NAME, AWS_ROLE_SESSION_NAME): client_kwargs["session_name"] = session_name return S3FileSystem(**client_kwargs)