Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Multi-tenancy in Neptune

1

I am trying to use Neptune for my SaaS application. My application includes data from multiple users. I want to restrict the user's access and allow a user to access only to vertices/ edges that contain his data. I read AWS Neptune documentation and I couldn't find anything that relates to tenant isolation/access restriction. Is it possible to limit access within the graph vertices/edges?

Argomenti
DatabaseAWS Well-Architected Framework
Tag
Amazon NeptuneSicurezza
Lingua
English
AWS-user-1
posta 2 anni fa1122 visualizzazioni
3 Risposte
1

Hello, currently the IAM policies that Neptune supports, allow access to the entire database and do not allow fine grained access control where a given user can only read certain graph elements based on a label or property key/predicate name. We are definitely interested in use cases for this level of support. At the moment you will need to manage this within your application.

AWS
AWS-KRL
con risposta 2 anni fa
  • David Lee
    2 anni fa

    We desperately need this feature. Implementing ACLs at the application layer is very risky.

0

According to the documentation, fine-grain access control is not support at the database/IAM level: IAM Policy Limitations

profile pictureAWS
ESPERTO
kentrad
con risposta 2 anni fa
0

I know this question is a couple years old, but adding this answer as it appears high on searches for this topic. The free AWS Skill Builder Course "Data Modeling for Amazon Neptune" discusses multi-tenancy strategies that work for most ISV customers in the "Advanced Modeling Considerations" section.

AWS
AWS-BMO
con risposta 6 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente