Attribute data to a token

I am setting up InfluxDB 2.0 on a server which will receive data from multiple untrusted telegraf endpoints.
Each telegraf endpoint will have its own token which can only write to the telegraf_data bucket.

Is there a way to filter what data telegraf is allowed to send back such that the token t1 for host h1 can only write data to the telegraf_bucket with the host field set to h1.
If this is not doable is there a way to attribute data to a token so this can be audited later?

From the documentation the only way I can think of doing something like this would be to create a bucket for each host.

Any help/ideas on this would be very welcome.

Hello @reshadp,
Yes, you can only scope tokens to specific buckets at the moment. I think higher granularity auth will be provided in the future.
However, you might also be interested in this,

Hi @Anaisdg,
The naem prefix/suffix and tags are interesting options.
I will check them out.
Looking forward to more granular auth in the future :+1: .

1 Like

This topic was automatically closed 60 minutes after the last reply. New replies are no longer allowed.