diff --git a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsStorageConfigurationInfo.java b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsStorageConfigurationInfo.java index 197da698fd..f37424816b 100644 --- a/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsStorageConfigurationInfo.java +++ b/polaris-core/src/main/java/org/apache/polaris/core/storage/aws/AwsStorageConfigurationInfo.java @@ -107,6 +107,9 @@ public URI getInternalEndpointUri() { /** Flag indicating whether path-style bucket access should be forced in S3 clients. */ public abstract @Nullable Boolean getPathStyleAccess(); + /** Flag indicating whether S3 trailing checksum validation should be disabled. */ + public abstract @Nullable Boolean getDisableS3TrailingChecksum(); + /** * Flag indicating whether STS is available or not. It is modeled in the negative to simplify * support for unset values ({@code null} being interpreted as {@code false}). diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java index c5276ef6b5..6df562a48a 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/iceberg/IcebergCatalogHandler.java @@ -113,6 +113,7 @@ import org.apache.polaris.core.storage.PolarisStorageActions; import org.apache.polaris.core.storage.StorageAccessConfig; import org.apache.polaris.core.storage.StorageUtil; +import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo; import org.apache.polaris.service.catalog.AccessDelegationMode; import org.apache.polaris.service.catalog.CatalogPrefixParser; import org.apache.polaris.service.catalog.SupportsNotifications; @@ -862,6 +863,13 @@ ALLOW_FEDERATED_CATALOGS_CREDENTIAL_VENDING, getResolvedCatalogEntity())) { actions, refreshCredentialsEndpoint, resolvedStoragePath); + + AwsStorageConfigurationInfo awsConfig = + storageAccessConfig.storageConfigurationInfo().as(AwsStorageConfigurationInfo.class); + + if (awsConfig != null && Boolean.TRUE.equals(awsConfig.getDisableS3TrailingChecksum())) { + properties.put("s3.checksum.enabled", "false"); + } Map credentialConfig = storageAccessConfig.credentials(); if (delegationModes.contains(VENDED_CREDENTIALS)) { if (!credentialConfig.isEmpty()) { diff --git a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java index 39b2f9d5f5..e1eb741af9 100644 --- a/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java +++ b/runtime/service/src/main/java/org/apache/polaris/service/catalog/io/DefaultFileIOFactory.java @@ -28,6 +28,7 @@ import org.apache.iceberg.CatalogUtil; import org.apache.iceberg.io.FileIO; import org.apache.polaris.core.storage.StorageAccessConfig; +import org.apache.polaris.core.storage.aws.AwsStorageConfigurationInfo; /** * A default FileIO factory implementation for creating Iceberg {@link FileIO} instances with @@ -59,6 +60,12 @@ public FileIO loadFileIO( properties.putAll(storageAccessConfig.credentials()); properties.putAll(storageAccessConfig.extraProperties()); properties.putAll(storageAccessConfig.internalProperties()); + AwsStorageConfigurationInfo awsConfig = + storageAccessConfig.storageConfigurationInfo().as(AwsStorageConfigurationInfo.class); + + if (awsConfig != null && Boolean.TRUE.equals(awsConfig.getDisableS3TrailingChecksum())) { + properties.put("s3.checksum.enabled", "false"); + } return loadFileIOInternal(ioImplClassName, properties); }