Hi,
Dois this kibana trace analysis plugin support multi-tenant features ?
For example, if I have two applications appA and appB, and I want user1 to see traces only from appA.
Hi wassim.dhib, trace analytics doesn’t handle multi-tenants explicitly, but it has the same permission as the current user. So if security plugin is configured such that user1 can see otel-v1-apm-*appA index but not otel-v1-apm-*appB, then the data retrieved for user1’s trace-analytics should be from appA only. Let me know if it doesn’t work for you, thanks!
Hi
I tried your solution, it doesn’t work
I got this error because my tuser has no permissions on testapp2 indices :
{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:data/read/search] and User [name=tuser, backend_roles=[testapp1], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:data/read/search] and User [name=tuser, backend_roles=[testapp1], requestedTenant=null]"},"status":403}
I think that the trace analysis plugin is searching for otel-v1-apm-span* indices, so either you have permissions for all applications, or nothing works
Hi,
Is there any update on this? I’m running into the same issue as Wassim is running into. If I have one trace analytics for one tenant I can block off access to it just fine, but when I have two I get Wassim’s issue.
Are we perhaps missing something? is it possible to setup different searches for each tenant?