There is a table my_table in Apache Iceberg. I want to allow some groups of user to write to this table but only for branches that start with analytic_ prefix. E.g. user can create analytic_task_12345 branch and write data to it.

Is it possible with pure Apache Iceberg? Is it possible with Apache Spark and Nessie?

1

There are 1 best solutions below

0
On

Nessie does have an Authorization framework that should allow this logic to be implemented.

High-level details can be found on this page: https://projectnessie.org/features/metadata_authorization/

The AuthZ rules are enforced on the Nessie Server side, so they apply to all engines, including Spark.