Prisma · 9mo ago
3 replies
Kanahiro

About Security Model

Hi folks,
I need a database cache, and because I use Prisma ORM, Prisma Accelerate is very nice for it.

I investigated how to ensure security of Prisma Accelerate and found:
- API key: used from application to Prisma Accelerate
- Static IP: used to fix Accelerate IP address and DB can accept only that Accelerate IP Address.

I can understand a security risk between Accelerate and DB would be tiny with Static IP.
However, communication between applications and Accelerate is authenticated only by an API key string. Applications look enabled to run arbitrary SQL with the API key. The risk when the API key is leaked looks not small to me.

Is there any way to ensure safety about this concern? Or is it a trade-off for simplicity or usefulness?