Couchbase Bucket Security

I am working on an application covered under HIPAA / HITECH regulations. I would like to have unique authentication for each application that accesses a Couchbase bucket.

At present, authentication appears to use only bucket name and password, requiring all applications that access the bucket to share the password.

Is there a bucket configuration to change this, or is this a future roadmap item?

1 Like

Hi Andrew, I can appreciate your concern and thanks for bring this up. You’re right currently we have this limitation of single admin role for accessing the bucket. This will need to expand out to a full range of user management functionality. It’s in our roadmap we continue to invest in security enhancements that will be made with each release ranging from security fixes to security enhancements.

Thanks Anil, Do you have a published roadmap with these items on it - I have looked, but only found the ticket backlog?

Hi Andrew, Hi Anil,

I see that this post has about HIPAA. I would to clarify if Couchbase is HIPAA complaint. Can you please confirm?


Hi Kishore, Andrew,

Thank you for your feedback.

Yes, providing multiple bucket users is on medium to long term future roadmap. Being compliant depends on an auditor evaluating the system and deeming it as compliant - Can you share your database compliancy requirements for HIPAA?

Thank you,
Don Pinto
Sr. Product Manager, Server Team