Temporal multi-tenancy and security

I want to use Temporal to orchestrate bioinformatics workflows in the cloud. Writing fault-tolerant workflows in Java has tremendous advantages over many of the existing bioinformatics workflow frameworks (e.g. Nextflow, Snakemake, etc.).

One area of interest is to allow users to bring their own compute infrastructure. We would provide a small Java executable that would effectively turn their machine into a Temporal activity worker pointed at our Temporal server. They could then call our API to launch a workflow, which would be executed in the user namespace, and thus use the user-provided compute hardware and file-storage.

Can this architecture be made secure?

Yes, such a setup can be made secure. We have limited support for Mutual TLS out of the box today and plan to expand it further in the near future.

How would I ensure that a client can only access task-lists belonging to a specific namespace?

Such an authorization story is not directly supported yet (requires custom code to replace the default authorizer component). We are working on a more robust authorization story as we speak.
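
An added example, not part of the thread and not Temporal's own authorizer interface: a default-deny decision function of the kind a custom authorizer could call, binding each mutual-TLS client identity to exactly one namespace. The `TenantPolicy` type, the use of the certificate CommonName as tenant id, and the tenant and namespace names are assumptions made for illustration.

```go
package main

import (
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
)

// TenantPolicy maps a client-certificate identity to the single namespace
// that identity may touch. Hypothetical type, not part of Temporal.
type TenantPolicy map[string]string

// ErrDenied wraps every refusal so callers can test for it with errors.Is.
var ErrDenied = errors.New("permission denied")

// Authorize decides whether the caller behind cert may act on namespace.
// Task lists are scoped to a namespace, so gating the namespace gates them too.
// Assumption: cert is the leaf the TLS layer already verified against the
// operator's client CA, and that CA puts the tenant id in the CommonName.
func (p TenantPolicy) Authorize(cert *x509.Certificate, namespace string) error {
	if cert == nil || cert.Subject.CommonName == "" {
		return fmt.Errorf("%w: no verified client identity", ErrDenied)
	}
	tenant := cert.Subject.CommonName
	allowed, ok := p[tenant]
	if !ok {
		return fmt.Errorf("%w: unknown tenant %q", ErrDenied, tenant)
	}
	// Exact match only: no prefix or wildcard rule a crafted name could satisfy.
	if namespace == "" || namespace != allowed {
		return fmt.Errorf("%w: %q may not use namespace %q", ErrDenied, tenant, namespace)
	}
	return nil
}

// constructedCert builds an in-memory certificate (constructed sample data).
func constructedCert(cn string) *x509.Certificate {
	return &x509.Certificate{Subject: pkix.Name{CommonName: cn}}
}

func main() {
	policy := TenantPolicy{"lab-a": "lab-a-ns", "lab-b": "lab-b-ns"}
	for _, ns := range []string{"lab-a-ns", "lab-b-ns", ""} {
		err := policy.Authorize(constructedCert("lab-a"), ns)
		fmt.Printf("lab-a -> %q: %v\n", ns, err)
	}
}
```

The namespace checked must be the one carried in the request itself, and the check must run on every call, since a worker binary on user-owned hardware can send any namespace name it likes.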