From a data security perspective, could you clarify the differences between air-gapped and self-hosted Metabase setups?
During our internal prototyping of a self-hosted Metabase, we noticed multiple outbound network requests, including attempts to connect to S3 buckets. Apart from disabling anonymous data collection and possible software update checks, are there any other data collection activities?
Can you confirm whether any of users internal data is transmitted externally and the purpose of these network connections? Additionally, how does an air-gapped setup eliminate such external dependencies?
air gapping will validate the license completely off line, so you can have the paid features without outbound connections.
About the s3 call that you're seeing I would guess it's the release notes (the call we do to get the latest version available). That call will simply fail if you deploy Metabase on an isolated environment
About what we transmit: on the NON air gapped Pro/Enterprise Metabase we simply send the version you're running, the amount of users you have and the "instance id" which is a hash. On the paid air gapped version that call simply doesn't exist.
On the non paid version we just know that an instance exists in the wild, but we don't have any other data other than that