I’m curious what methods people are using to secure and sanitize their Dgraph servers that are hosting user-facing data. Especially when the same database hosts user auth data that has to be secure.
Generally, creating an API is enough to have total control of who accesses the Dgraph DB. Create an authentication model with JWT tokens or some other solution. Use Docker/k8s (they are secure by design) and a simple firewall. For me, this way is safe.
BTW, ACLs are coming.
Is there a target version for ACLs? I see a few old discussions about it and there seems to be code for ACLs in the master branch on GitHub, but I don’t see any recent mention of it.
It’ll be released probably in v1.1
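A sketch of the API-plus-JWT approach suggested in this thread, added here as an example (it is not code from any poster or from the Dgraph project): the API layer verifies an HS256 token, then sends Dgraph a fixed query with the caller's identity passed as a query variable instead of being spliced into the query text. The `username` and `email` predicates, the secret, and the `{"query", "variables"}` request shape are assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value; load from a secret store
# Fixed query text (hypothetical predicates); user data travels only as a variable.
PROFILE_QUERY = """query me($name: string) {
  me(func: eq(username, $name)) { username email }
}"""

def _b64d(seg):
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(claims, secret=SECRET):
    """Issue an HS256 token; used here only to build constructed sample tokens."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"

def verify(token, secret=SECRET, now=None):
    """Return the claims of a valid token, else raise PermissionError."""
    try:
        head, body, sig = token.split(".")
        if json.loads(_b64d(head)).get("alg") != "HS256":  # also rejects alg=none
            raise ValueError("unexpected alg")
        expected = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64d(sig)):
            raise ValueError("bad signature")
        claims = json.loads(_b64d(body))
        sub, exp = claims["sub"], claims["exp"]  # both claims are required
        if exp <= (time.time() if now is None else now):
            raise ValueError("expired")
        return {"sub": str(sub), "exp": exp}
    except (ValueError, KeyError, TypeError, AttributeError) as exc:
        raise PermissionError(f"token rejected: {exc}") from None

def profile_request(token):
    """Build the request body the API layer would send to Dgraph for this caller."""
    claims = verify(token)
    return {"query": PROFILE_QUERY, "variables": {"$name": claims["sub"]}}
```

Only the API layer holds the secret and can reach Dgraph; clients never send query text of their own.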