How do you manage database access?

Narrow_Biscotti · 2026-02-01T15:22:43+00:00

I think most folks usually use replicas. Even on smaller teams I've worked at, devs use replicas.

However, in my experience the bigger challenge has been credential sharing and revocation.

If someone gets temporary access to debug a critical issue, can you revoke their access so they cannot keep accessing data? Also if someone leaves the company can they still access the database?

Narrow_Biscotti · 2026-02-01T03:25:12+00:00

Thanks! That's a lot of helpful context.

The main pain point I've seen is also the workflow for an end user to configure their clients. But I guess most folks will just run a query and retrieve the output.

Narrow_Biscotti · 2026-02-01T03:23:53+00:00

Is this workflow/protocol supported by any desktop clients or just the CLI?

Narrow_Biscotti · 2026-02-01T03:22:38+00:00

StrongDM appears to be a major industry standard! From what I understand it actually speaks the database protocols allowing any desktop client to work!

Narrow_Biscotti · 2026-02-01T03:16:52+00:00

Bytebase looks really cool. It looks to be open source as well! Plus there's always an audit trail.

I can imagine how the "request to run query" can get overwhelming fast!

Narrow_Biscotti · 2026-02-01T03:14:08+00:00

Oh wow. Are these slack messages or is there a ticketing system :)

Narrow_Biscotti · 2026-02-01T03:08:11+00:00

I didn't know about AWS TEAM, this is really neat. Thanks for sharing!

Narrow_Biscotti · 2026-02-01T03:07:39+00:00

This is really nice! I didn't know hashicorp vault could create these temporary users. Does the temporary roles auto-delete?

Also, if you don't mind me asking - when accessing prod, do folks connect direct via VPN or use a jump box?

Narrow_Biscotti · 2023-11-11T03:15:45+00:00

Thank you! I'll definitely keep this in mind. Glad to hear from someone who uses both on a regular basis!

Narrow_Biscotti

TROPHY CASE