At my company, i use Elasticsearch to store data of multiple tenants, and go with the approach using 1 index to store 1 document type for all tenants.
I'm adopting Elasticsearch document level security, and all read requests are protected using DLS policy.
Each read request will have a signed token containing the tenant_id, and we have policy to enforce filter document.tenant_id=tokenclaim.tenant_id => There is no way user from tenant_1 can read data from other tenant.
But DLS does not apply for write request, and for indexing operation, there is no way to protect one document with tenant_1's id from being overwritten to a tenant_2's id, if anything wrong happen in our code (mostly from human). I'm finding a way to prevent that, or at least, have a reliable way to monitor it, so i would like to hear some suggestions. Thanks
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.