We are exploring multitenancy with Document Level Security. We are using one index which is shared between the tenants with DLS.
GET /_cat/indices/<index-name> API, we can get the high-level information of that index. Is there any API or any way to get information, specific to a particular tenant from that index ?
@triptesh1212 Multitenancy is used to separate kibana objects, such as visualisations, dashboards and index patterns, but not indices themselves. Therefore if the user has access to a particular index, he/she will have access to it from dev tools irrespective of which tenant they are accessing from. Hope this makes sense.
Can you elaborate on your use case so I can recommend a possible solution? What sort of information are you trying to get regarding the particular tenant?
@Anthony we are trying to get % use of an index for a particular tenant (for example docs.count , pri.store.size of that index which is for that specific tenant only).
In particular, we are trying to host multitenant log and want to restrict log size tenant wise. (for example, if one index is shared between 10 tenants and we want to restrict 1 gb for each tenant)
@triptesh1212 I think you are confusing the idea behind multitenancy, as the tenant doesn’t actually store any indices, getting the size of the index will simply give you the size of the particular index. But there is no breakdown per tenant, just because it wouldn’t make any sense.
For example, if you have index logs-01 (size 1gb), and the user has write access to and he/she writes to it from tenant1. The size of the index increases (for example now 2gb). If another user accesses the same index but from different tenant (tenant2), the size of the index is still the same (2gb). Multitenancy doesn’t break the index into separate parts/indices, it just holds kibana/opensearchDashboards objects.
Therefore if you create more kibana objects (index pattern, dashboards, etc) in a particular tenant, the size of the original index (logs-01) will not increase. There will be increase in the tenant index which is used to store the kibana objects. But that’s not what you are looking to monitor I think.
Hope this clears it up
@Anthony Thanks for clarifying the doubts. For our use case I guess different index per tenant will be better approach.