logoalt Hacker News

Helicone allows users to write SQL directly to a shared ClickHouse

10 pointsby justintorre75last Tuesday at 6:50 AM3 commentsview on HN

Comments

jbonatakistoday at 5:27 PM

I’ve built a similar thing against Snowflake, with one added layer: tenant-scoped views with the ID baked in, and an associated tenant-scoped role that only has read access to its own views.

It also lets you make updates to the underlying table (shared between all tenant views) and then separately update the views. As long as you aren’t making breaking schema changes you can more easily validate the changes before releasing.

sandeepkdtoday at 4:56 PM

This is an interesting topic in itself, pretty much applies to all shared spaces. The security challenge is somewhat solvable with shared (tenant based) databases, I am more worried about the noisy neighbor problem. Its really easy to write a bad query which can drastically slow down the DB.

zX41ZdbWlast Tuesday at 10:42 PM

Great article! About inserting LIMIT - we have out-of-band `limit` and `offset` settings:

https://play.clickhouse.com/docs?user=play#q=limit&name=limi...