Unless I’m missing something, the only way to limit user access to databases is by creating an entirely separate instance. Are there plans to control permissions of users to only access limited Databases?
We’ve tried to optimize the current version of Metabase for companies on the smaller and simpler side.
In general, we’ve been trying to make each Metabase instance lightweight enough that running several isn’t too crazy, while we put together a permissions framework that keeps the admin experience lightweight.
If you’re comfortable, do you mind sharing what you have in mind as far as separating DBs? Is this by job role, department or something more exotic?
My use case is probably a bit out of the norm but I’d think the result would probably be somewhat ubiquitous for any administrator wanting to give data access to groups of people.
In my case, I’ve created separate databases for clients, each containing sensitive information, and would like to give them the option to log in, or at least get daily pulses from the data. Creating a separate instance for each would likely be too much of a hassle as they aren’t going to be heavy users.
I don’t have a need for creation of new permissions or user schemas: just limiting access to the DBs where users have login credentials.
This is also something that our team would be interested in learning about. We already provide basic BI inside of our multitenant SaaS application but we’ve reached the point of diminishing returns for our team to continue to create these tools ourselves. Instead we’d like to leverage a project like Metabase for our customers, but a core requirement is each customer (or “tenant”) can only access data associated with their accounts. The simplest idea I’ve come up with so far is to spin up a Heroku instance for each with settings pre-configured, but there is likely a better long-term solution.
Similar to this thread’s question: is Metabase available to hire for custom development and deployment?
@sameer Maybe you could help in another way – could you point us / me toward docs or a path to deploy Metabase with settings preconfigured? In other words, it’d be ideal for us to be able to spin up a box via Heroku or EB that allows us to define:
- user account(s)
- connector to data source
- a dashboard with a few cards sourced from questions
This would be a great starting point for us to do a proof of concept that this could work for multi-tenant.
I’ve found a couple of things on this topic:
- Sample config for Heroku: https://github.com/metabase/metabase-deploy/blob/master/bin/start
- Configuring the Metabase app database: https://github.com/metabase/metabase/blob/2d94eda17fea29f417a101ddbebded9edc3113a7/docs/operations-guide/start.md#configuring-the-metabase-application-database
So if I’m understanding correctly, we could introspect the Metabase configuration saved in the local H2 database to get an idea of the structure. From there, we could modify to populate this local app config DB programmatically when a new tenant needs to spin this up.
Would that be the right path? I can’t seem to find any docs that spec how the Metabase application config is stored or can/should be manually modified outside of the GUI.
Opened an issue for that here - https://github.com/metabase/metabase/issues/2052
Regarding custom dev work, can you send me a private message so we can talk offline? Or alternatively, help us test out our new contact form at http://www.metabase.com/services/ =)
Hi Metabase team,
We are looking for db permissioning at user level as well. We have many teams in our company, as well as 3rd party partners that we work with. Each team/partner should only access their own set of databases.
We have over 10+ teams in our company, and each team might just be 5-10 people. Setting up a new instance for each team seems a bit of overkill. We are using AWS Beanstalk for deployment, which has been great, but I would assume launching a new instance will spin up more machines and more RDS, which would be costly.
A mapping between a user and all the databases he has access to doesn’t feel too complex. Of course, even better would be to have a user group, where we can configure access based on this group.
The lack of this feature is keeping us from releasing Metabase to the entire company. Right now we have only released this to certain teams that have permission to access all the data.
We have created in Metabase a group which has Unrestricted Access to a Redshift database. This database has a dozen schemas. This Metabase group also has “Can write raw queries” SQL access. We want to keep SQL access, however we want to limit, for this group, access to one of the schemas in the database (let’s call it “PII”). We have other Metabase groups that are permitted to access the PII schema. How can we limit access to the PII schema while continuing to allow raw query SQL access? Whenever I try to limit access I get this message:
Group 1 will be denied access to 1 table in Redshift database. Group 1 will no longer be able to read or write native queries for Redshift database. Are you sure you want to do this?
It seems like the raw query SQL access is an all-or-nothing approach. Is the SQL query engine unable to respect the table/schema permissions set in the Admin Data Permissions?