Hasty Briefsbeta

Bilingual

Helicone allows users to write SQL directly to a shared ClickHouse

18 hours ago
  • #multi-tenancy
  • #SQL security
  • #ClickHouse
  • Introducing HQL (Helicone Query Language), a SQL editor for customers to run queries directly against a ClickHouse cluster using a shared table.
  • Ensuring security by implementing row policies and custom settings in ClickHouse to enforce data isolation between organizations at the database level.
  • Creating a dedicated user and attaching a row policy to filter rows based on organization ID via custom settings, preventing cross-tenant data access.
  • Using ClickHouse Cloud's fixed custom setting prefix (SQL_) to set organization-specific query parameters securely via the HTTP interface.
  • Enhancing security with additional settings (e.g., readonly, timeouts) to prevent misuse and parsing queries for ergonomics rather than security.
  • Revoking unnecessary privileges from the dedicated user to restrict access and relying on database-enforced security over application-side parsing.
  • Conducting thorough testing, including subqueries and adversarial queries, to validate the row policy's effectiveness without app-side filtering.
  • Achieving fail-closed behavior where missing settings cause errors instead of data leaks, with admin tools using separate connections to bypass policies.