EventStoreDB Ideas Portal

Ideas for improvements and new features in EventStoreDB, client libraries, and database extensions.

ADD A NEW IDEA

Security

Showing 4

Support authorisation when reading from $all

Currently, reads and subscriptions to $all require admin access, which isn't good for security. Supporting auth for $all will have performance impact when ACLs are used, but in combination with policies it could be fast enoguh because policies, un...
Alexey Zimarev 9 months ago in EventStoreDB / Dev experience / Security 0 Planned

Stream authorisation policies

ESDB has access control lists (ACLs) as the primary method to achieve granular (per stream) authorisation. However, ACLs need to be set up per stream, which is a burden for developers. Also, if the auth rules change, all the streams need to get th...
Alexey Zimarev 9 months ago in EventStoreDB / Dev experience / Security 0 Planned

Encryption At Rest

Encryption at rest is a feature that won't be immensely popular, but those who need it won't be able to use ESDB without it. Some certifications like HIPAA require encryption at rest. Encrypting data directly in the database is different compared ...
Alexey Zimarev 10 months ago in EventStoreDB / Compliance / Security 0 Planned

Multiple databases

Allow having multiple logs (databases) physically separated from each other. That would include different set of users, authorisation rules, etc. It would enable: deleting a specific database instead of cleaning up the whole cluster separate data ...
Alexey Zimarev 10 months ago in EventStoreDB / Dev experience / Operations / Security 0 Planned