We’ve used AWS Session Tokens to limit the availability time and access permissions for S3 compatible storage and it works well. Yet there is a question on how the same limitations could be applied on other cloud storage services (AzureBlob//GoogleCloud). There is a simmilar mechanisms in for Google cloud service accounts (https://cloud.google.com/iam/docs/creating-short-lived-service-account-credentials) and Azure SAS (https://docs.microsoft.com/en-us/rest/api/storageservices/delegate-access-with-shared-access-signature).
Google’s one seems to be pretty straitforward. It seems it generates .json, which could be passed to tiledb.
Is there any additional information such applications? Could it be there are some plans on adding Azure SAS integrations to tiledb?
Thank you in advance!