Development of custom watchdog system for metabase access management

About project:

Client overview

A data-driven organization faced significant challenges in managing access rights across multiple Metabase instances. Their complex setup required precise control over table permissions, but manual management led to frequent errors and lacked transparency in tracking access changes. The client needed a robust solution to streamline and secure their data access management system while maintaining compliance and accountability.

Tech Stack:

Manual access management, basic access control lists (ACLs)

Tech stack after migration:

Automated permission watchdog system with Python for scripting, a database PostgreSQL for storing access rights, and a Grafana for monitoring, Alerts with python and output in slack

Time to deliver project:

8-12 Weeks

Problem

The client was struggling with managing access rights for tables in Metabase. With multiple Metabases in use, there was a high risk of errors in rights distribution. Additionally, there was no central place to view all objects accessible to Metabases, making it difficult to track and manage changes in access rights.

Inspection

To solve this, we developed a watchdog permission script that relies on a YAML document collecting all available rights to various objects. This script regularly checks the rights against this file and automatically corrects any discrepancies. If rights are mistakenly granted when creating an object in the DWH, the script removes them and notifies a designated Slack channel. To grant access rights, users now simply update the YAML document, submit it for review, and push the changes to the repository. The script then automatically assigns the correct rights, maintaining a clear history of rights distribution and cleanup, and protecting against accidental rights assignments.

Recommendation

Always monitor and control the rights you grant to users to prevent unwanted data loss or leakage. Implementing automated tools like a permission watchdog can significantly enhance security and streamline access management.

Resolution

We implemented a permission watchdog system, automating the management of access rights. This system eliminated errors in rights distribution, centralized the management of access rights, and ensured that all changes were tracked and controlled. The result was a 90% reduction in access-related errors and improved security across all Metabases.

Similar projects

Amazon Redshift
AWS DMS
HP-UX
Linux
Redshift Spectrum
AWS Backup
Python
AIX

Enterprise Database Migration and Optimization to Amazon Redshift with Disaster Recovery

BI & Data Engineering

PostgreSQL
PySpark
Airflow
Tableau
Python
Payment APIs

Building a Real-time Analytics and Data Warehousing Solution for Large-Scale Payment gateway

BI & Data Engineering

BigQuery
PySpark
Airflow
Amplitude API
AWS S3
Google Analytics
+4 more

Building a Business Intelligence Platform with Multi-Source Data Integration in Redshift

BI & Data Engineering

ETL Pipelines
Data Warehouse (DWH)
Exclusive Lock Mechanism
Signal Table

Optimization of ETL pipelines

BI & Data Engineering

Python scripts
PostgreSQL
Pandas
SQLAlchemy

Solving data loss in pipelines

BI & Data Engineering

Python scripts
Apache Airflow

Automated backup and disaster recovery system

BI & Data Engineering

Flat tables on PostgreSQL 16

Update of datawarehouse to PostgreSQL 16 with data model restructuring

BI & Data Engineering

PostgreSQL
Automated DDL Versioning System
Hashing Algorithms
Backup and Comparison Routines
Version Control

Development of DDL versioning system

BI & Data Engineering

PySpark

Optimizing Big Data Processing for Memory-Intensive PySpark Workflows

BI & Data Engineering

Custom Backfill Process
dblink

Backfill process implementation

BI & Data Engineering

Python
Metabase
PostgreSQL

Dev teams performance dashboard for tech company with 100+ developers

BI & Data Engineering

Python
Slack API
Airflow
Pandas
Signal API for delivery

Automatization of daily report delivery for different messemngers

BI & Data Engineering

Automated cross-check system
PostgreSQL
Python
Alerts in slack
Apache Airflow

Custom data quality checks for high-load payments provider

BI & Data Engineering

PostgreSQL
Python
Metabase
APIs

Automatization of dashboards and reports migration across Metabase

BI & Data Engineering

PostgreSQL
Airflow
Python
Optimized ETL Framework
Unified Data Integration Scripts

Development of unified synchronization scripts for data engineering

BI & Data Engineering

Metabase
PostgreSQL
Airflow
Python

Development of automated BI and Database cleanups

BI & Data Engineering

Python
JavaScript
Flask

Streamlining Payroll Management with a Secure Web Application for Accounting

BI & Data Engineering

PySpark
Apache Spark
PostgreSQL
Airflow

Implementing PySpark-Driven ETL for High-Performance Data Synchronization

BI & Data Engineering

Automated python scripts
Airflow DAGs

Data synchronization for high-load CRM system

BI & Data Engineering

ELK Stack
Python scripts
Apache Airflow
HashiCorp Vault

Developing a Fail-Safe Database Backup and Recovery System for High Availability

BI & Data Engineering

ELK Stack
Apache Airflow
HashiCorp Vault
Automated Error Handling

Data engineering pipelines orchestration migration from Kubernetes to Airflow

BI & Data Engineering

Do you want
the same one?

Leave a request and our manager will contact you to discuss your project and give an assessment of a similar project.

I agree to the submission and processing of my personal data.

Please enter your name

Please enter your email

Please enter valid email

Please enter valid phone number

Our website use cookies

Read our Privacy Policy.