Add a service/realm-level FeatureConfiguration flag which gates setting custom endpoint/stsEndpoint in StorageConfig #2436
Description
Is your feature request related to a problem? Please describe.
#1913 added support for customizing S3 and STS endpoints, which is very useful for non-AWS S3-compatible support.
However, since Polaris ultimately serves two different personas of users:
- Polaris service owners
- Catalog users
The usage of custom endpoints requires multi-party consent from both personas. At a minimum this means we need a FeatureConfiguration that allows Service Owners to decide whether to allow their "Catalog users" to set custom s3/sts endpoints. That would be sufficient control for simple well-contained Polaris deployments to enable the feature without impacting more complex multi-tenant deployments.
For more complex architectures involving partial or no-trust between the service owner and catalog users, we probably also want to introduce some kind of allowlisting mechanism so that the custom endpoints still need to follow a well-defined structure.
Describe the solution you'd like
No response
Describe alternatives you've considered
No response
Additional context
No response