by tagorenathv
Hey team 👋
There’s a GitHub discussion asking for a read-only / scoped API key just for metrics & monitoring, instead of having to use the service_role key (which is way too powerful for things like Grafana or Datadog).
Using service_role for metrics is risky since it bypasses RLS and gives full access. A dedicated metrics / monitoring key would be much safer and cleaner.
Link to the discussion if you want to chime in: https://github.com/orgs/supabase/discussions/42418
The user requests a read-only, scoped API key for metrics and monitoring to avoid using the powerful service_role key, which poses security risks. They suggest this key should also access internal statistics tables in Postgres for comprehensive monitoring needs. The discussion is ongoing on GitHub.
I would also like for that custom role to have access to internal statistics tables in Postgres, for example, so this key encompasses all monitoring needs, not just the privileged endpoints they expose.
Reason: our product DBM uses those statistics for our offering, which honestly is 100x more useful than just metrics. Other products in the same category will have the same issue, or even if you want to build something yourself. Overall I think it's a net benefit for everyone if we increased the scope of what the key could access.
There is some movement. Please check the thread for updates.