Writing own API between Grafana and database to protect database = sensible measure?

Hello everyone,

my manager thinks it would be better to write our own API for the data flow between Grafana and our database, to protect the database. The database is very important.

I think this is a bad idea, but I couldn’t convince him yet.
I think it is a waste of time. It costs time, it adds additional complexity and maybe it does not even add security. Maybe it even adds security risks, because it is an additional attack surface.

Since the Grafana user is read only, there is no risk to the integrity of the database.
If Grafana is password protected, there is no risk to the confidentiality of the database.
And I guess it is also very unlikely that Grafana goes crazy and stresses the database, thereby lowering its availability.

What is your opinion about this? Can someone argue why this is a good/bad idea?

Thank you very much.

I think if your database is used for other mission-critical applications / services then it's not a good idea to let Grafana target it directly. I think the recommended scenario is to have Grafana access a read-only mirror of your production database.
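The three properties the question argues about (integrity via a read-only user, confidentiality via limited access, availability via bounded load) can all be enforced by the database itself, without a custom API, and the same role definition is replicated to a read-only standby if you follow the reply's advice. The following is an added example, not code from the thread or from Grafana; it assumes PostgreSQL (the thread does not name the database) and uses hypothetical names: database `metrics`, schema `telemetry`, tables `sensor_readings`, `device_status` and `secrets`, and role `grafana_reader`.

```sql
-- Added example (PostgreSQL, run with psql as a superuser or the database owner).
-- All object and role names are hypothetical.

-- 1. Integrity: a login role with no ability to create anything, capped on
--    concurrent sessions, and starting every transaction read-only.
CREATE ROLE grafana_reader LOGIN
    PASSWORD 'replace-with-a-generated-secret'   -- better: scram-sha-256 or client certs in pg_hba.conf
    NOSUPERUSER NOCREATEDB NOCREATEROLE
    CONNECTION LIMIT 5;

-- default_transaction_read_only is defence in depth only: a session may SET it
-- back off, so the real write barrier is the absence of INSERT/UPDATE/DELETE
-- grants below (or a hot standby, where writes are impossible regardless).
ALTER ROLE grafana_reader SET default_transaction_read_only = on;

-- 2. Availability: a runaway dashboard query is cancelled server-side instead
--    of tying up the primary. Tune to the slowest legitimate panel.
ALTER ROLE grafana_reader SET statement_timeout = '30s';
ALTER ROLE grafana_reader SET lock_timeout = '5s';
ALTER ROLE grafana_reader SET idle_in_transaction_session_timeout = '60s';

-- 3. Confidentiality: start from zero and grant only what the dashboards need.
REVOKE ALL ON DATABASE metrics FROM PUBLIC;           -- drop the implicit CONNECT/TEMP
GRANT CONNECT ON DATABASE metrics TO grafana_reader;

\connect metrics
REVOKE ALL ON SCHEMA public FROM PUBLIC;               -- no catch-all access
GRANT USAGE ON SCHEMA telemetry TO grafana_reader;     -- USAGE, not CREATE
GRANT SELECT ON telemetry.sensor_readings TO grafana_reader;
-- Column-level grant: the dashboard sees timestamps and values, not the rest.
GRANT SELECT (device_id, ts, value) ON telemetry.device_status TO grafana_reader;
-- Row-level security on top: only rows flagged for dashboards are visible.
ALTER TABLE telemetry.device_status ENABLE ROW LEVEL SECURITY;
CREATE POLICY dashboard_rows ON telemetry.device_status
    FOR SELECT TO grafana_reader USING (exported = true);
-- Tables added to the schema later are NOT visible to the role unless granted.

-- Verification: each of these must fail before the data source goes live.
SET ROLE grafana_reader;
INSERT INTO telemetry.sensor_readings (device_id, ts, value) VALUES (1, now(), 0);
-- ERROR: cannot execute INSERT in a read-only transaction
SELECT * FROM telemetry.secrets;
-- ERROR: permission denied for table secrets
SELECT * FROM telemetry.device_status;
-- ERROR: permission denied for table device_status (columns outside the grant)
RESET ROLE;
```

On the Grafana side, the PostgreSQL data source settings for max open connections, max idle connections and connection max lifetime bound the client-side load independently of the server-side `CONNECTION LIMIT`, and the SSL mode should be set so credentials and query results are not sent in clear text. If the reply's read-only mirror is a PostgreSQL hot standby, roles and grants created on the primary are replicated to it, so the same `grafana_reader` definition applies there and the standby rejects writes by construction.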