Multi-tenancy in Neptune

1

I am trying to use Neptune for my SaaS application. My application includes data from multiple users. I want to restrict the user's access and allow a user to access only the vertices/edges that contain his data. I read the AWS Neptune documentation and I couldn't find anything that relates to tenant isolation/access restriction. Is it possible to limit access within the graph vertices/edges?

asked 2 years ago · 1123 views
3 Answers
1

Hello, currently the IAM policies that Neptune supports allow access to the entire database and do not allow fine-grained access control where a given user can only read certain graph elements based on a label or property key/predicate name. We are definitely interested in use cases for this level of support. At the moment you will need to manage this within your application.

AWS
AWS-KRL
answered 2 years ago
  • We desperately need this feature. Implementing ACLs at the application layer is very risky.

0

According to the documentation, fine-grain access control is not supported at the database/IAM level: IAM Policy Limitations

AWS
EXPERT
kentrad
answered 2 years ago
0

I know this question is a couple years old, but adding this answer as it appears high on searches for this topic. The free AWS Skill Builder Course "Data Modeling for Amazon Neptune" discusses multi-tenancy strategies that work for most ISV customers in the "Advanced Modeling Considerations" section.

AWS
AWS-BMO
answered 6 months ago
