For APEx and EarthCODE it would be good to manage authentication and authorization to the assets of the STAC items registered in the EOEPCA catalogue.
The general idea is that platform providers would allow access only to some users/groups to the collections in the EOEPCA catalogue. The users than can:
download/access this data directly
submit processing to this data
Main issues are on how to provide this in a way that allows seamless access from any client (e.g. GDAL) and transparently into data execution requests. A possibility is using pre-signed URLs, but generating them and validating them may require some development effort in several BBs (e.g. catalogue , workspace storage controller, IAM, etc...)
For APEx and EarthCODE it would be good to manage authentication and authorization to the assets of the STAC items registered in the EOEPCA catalogue.
The general idea is that platform providers would allow access only to some users/groups to the collections in the EOEPCA catalogue. The users than can:
Main issues are on how to provide this in a way that allows seamless access from any client (e.g. GDAL) and transparently into data execution requests. A possibility is using pre-signed URLs, but generating them and validating them may require some development effort in several BBs (e.g. catalogue , workspace storage controller, IAM, etc...)
Further considerations are into the following page: https://eoepca.readthedocs.io/projects/architecture/en/feature-http-asset-access/reference-architecture/http-asset-access/