Product Limitations When Using Secure Tenancy 🔗
In general, Honeycomb will continue to work the same way it does without Secure Tenancy.
However there are some limitations imposed by the Secure Proxy:
- Because the storage engine cannot look at the real content of columns, string-based derived-column functions are not available. Consults the list of available derived column functions.
- Because the storage engine cannot see the real names of columns, some things that have a default configuration (including Traces and the APM Home experience) require manual configuration.
- Because the storage engine cannot look at the real content of columns, we cannot do the sort of substring matching that would be required to make the Query History Search feature truly useful. This page shows Query History only.
- Because all team members need access to the team’s API Key in order for the browser to unmask encrypted data, redacting API keys is not available.
- When using data encryption, the maximum possible length of string columns is shortened from 65536 bytes to 49127 bytes. The proxy will silently truncate strings longer than 49127 bytes before encrypting/encoding them and sending them on to Honeycomb.
- AWS Cloudwatch Metrics cannot currently be used with Secure Tenancy.
- Because all queries are masked unconditionally before being sent to the backend, it is currently not possible to use a derived column in a query.
Derived Columns 🔗
In the Secure Tenancy model, Honeycomb does not have access to the meaning of string values for columns.
As a result, some derived column functions are not available or operate slightly differently under Secure Tenancy.
None of the string functions are available; in addition, functions that coerce strings to values will not do so.
The following functions can be used in derived column expressions.
List of Allowed Functions 🔗