Trace Analysis and multi-tenant

Hi,

Dois this kibana trace analysis plugin support multi-tenant features ?

For example, if I have two applications appA and appB, and I want user1 to see traces only from appA.

Hi wassim.dhib, trace analytics doesn’t handle multi-tenants explicitly, but it has the same permission as the current user. So if security plugin is configured such that user1 can see otel-v1-apm-*appA index but not otel-v1-apm-*appB, then the data retrieved for user1’s trace-analytics should be from appA only. Let me know if it doesn’t work for you, thanks!

Hi

I tried your solution, it doesn’t work

I got this error because my tuser has no permissions on testapp2 indices :

{"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:data/read/search] and User [name=tuser, backend_roles=[testapp1], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:data/read/search] and User [name=tuser, backend_roles=[testapp1], requestedTenant=null]"},"status":403}

I think that the trace analysis plugin is searching for otel-v1-apm-span* indices, so either you have permissions for all applications, or nothing works

Hi,

Is there any update on this? I’m running into the same issue as Wassim is running into. If I have one trace analytics for one tenant I can block off access to it just fine, but when I have two I get Wassim’s issue.

Are we perhaps missing something? is it possible to setup different searches for each tenant?