{"id":2021,"date":"2024-06-28T18:09:29","date_gmt":"2024-06-28T18:09:29","guid":{"rendered":"https:\/\/www.w3computing.com\/articles\/?p=2021"},"modified":"2024-06-28T18:09:33","modified_gmt":"2024-06-28T18:09:33","slug":"implementing-multi-tenant-databases-with-postgresql-row-security","status":"publish","type":"post","link":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/","title":{"rendered":"Implementing Multi-Tenant Databases with PostgreSQL Row Security"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance. This approach not only optimizes resource usage but also simplifies maintenance and updates. One of the key challenges in multi-tenant architectures is ensuring data isolation and security among tenants. PostgreSQL, with its advanced features, provides robust solutions for implementing multi-tenant databases. In this tutorial, we&#8217;ll explore how to implement multi-tenant databases using PostgreSQL&#8217;s Row-Level Security (RLS) feature.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction to Multi-Tenant Architectures<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What is Multi-Tenancy?<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Multi-tenancy is a software architecture where a single instance of a software application serves multiple customers (tenants). Each tenant&#8217;s data is isolated and remains invisible to other tenants, providing privacy and security.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Benefits of Multi-Tenancy<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Cost Efficiency:<\/strong> Shared infrastructure reduces operational costs.<\/li>\n\n\n\n<li><strong>Ease of Maintenance:<\/strong> Centralized updates and maintenance.<\/li>\n\n\n\n<li><strong>Scalability:<\/strong> Efficient resource utilization allows for easy scaling.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Types of Multi-Tenancy<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>Database Per Tenant:<\/strong> Each tenant has its own database.<\/li>\n\n\n\n<li><strong>Schema Per Tenant:<\/strong> Each tenant has its own schema within a shared database.<\/li>\n\n\n\n<li><strong>Table Per Tenant:<\/strong> A single table contains all tenants&#8217; data, distinguished by a tenant identifier.<\/li>\n<\/ol>\n\n\n\n<p class=\"wp-block-paragraph\">In this tutorial, we focus on the Table Per Tenant model, leveraging PostgreSQL&#8217;s Row-Level Security to ensure data isolation.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. PostgreSQL Row-Level Security Overview<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Row-Level Security (RLS) in PostgreSQL allows fine-grained control over which rows users can access or modify in a table. RLS policies can be defined to restrict data access based on the current user&#8217;s identity or other criteria.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Key Concepts of RLS<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Policies:<\/strong> Define rules for row access.<\/li>\n\n\n\n<li><strong>Roles:<\/strong> Assign roles to users to enforce policies.<\/li>\n\n\n\n<li><strong>Security Barrier:<\/strong> Ensures that policies are applied correctly during query execution.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Enabling RLS<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">RLS must be explicitly enabled on a table, and policies must be defined to control access.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-1\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">ALTER<\/span> <span class=\"hljs-keyword\">TABLE<\/span> your_table <span class=\"hljs-keyword\">ENABLE<\/span> <span class=\"hljs-keyword\">ROW<\/span> <span class=\"hljs-keyword\">LEVEL<\/span> <span class=\"hljs-keyword\">SECURITY<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-1\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\">3. Setting Up PostgreSQL for Multi-Tenancy<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Creating the Database<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">First, let&#8217;s set up a PostgreSQL database for our multi-tenant application.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-2\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">DATABASE<\/span> multitenant_db;\n\\c multitenant_db;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-2\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Creating the Tenant Table<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">We&#8217;ll create a table to store tenant information.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-3\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenants (\n    tenant_id <span class=\"hljs-built_in\">SERIAL<\/span> PRIMARY <span class=\"hljs-keyword\">KEY<\/span>,\n    tenant_name <span class=\"hljs-built_in\">VARCHAR<\/span>(<span class=\"hljs-number\">255<\/span>) <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>\n);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-3\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Creating the Data Table<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Next, we create a table to store data for all tenants. This table includes a <code>tenant_id<\/code> column to identify the tenant associated with each row.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-4\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant_data (\n    data_id <span class=\"hljs-built_in\">SERIAL<\/span> PRIMARY <span class=\"hljs-keyword\">KEY<\/span>,\n    tenant_id <span class=\"hljs-built_in\">INT<\/span> <span class=\"hljs-keyword\">REFERENCES<\/span> tenants(tenant_id),\n    <span class=\"hljs-keyword\">data<\/span> <span class=\"hljs-built_in\">TEXT<\/span> <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>\n);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-4\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Setting Up Users and Roles<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">We&#8217;ll create roles and users for our application. Each tenant will have a separate role.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-5\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">ROLE<\/span> tenant_role;\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">USER<\/span> tenant_user <span class=\"hljs-keyword\">WITH<\/span> <span class=\"hljs-keyword\">PASSWORD<\/span> <span class=\"hljs-string\">'password'<\/span>;\n<span class=\"hljs-keyword\">GRANT<\/span> tenant_role <span class=\"hljs-keyword\">TO<\/span> tenant_user;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-5\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\">4. Implementing Row-Level Security<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enabling RLS on the Data Table<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Enable RLS on the <code>tenant_data<\/code> table.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-6\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">ALTER<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant_data <span class=\"hljs-keyword\">ENABLE<\/span> <span class=\"hljs-keyword\">ROW<\/span> <span class=\"hljs-keyword\">LEVEL<\/span> <span class=\"hljs-keyword\">SECURITY<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-6\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Creating RLS Policies<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Define policies to control row access based on the tenant ID.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-7\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">POLICY<\/span> tenant_policy <span class=\"hljs-keyword\">ON<\/span> tenant_data\n    <span class=\"hljs-keyword\">USING<\/span> (tenant_id = current_setting(<span class=\"hljs-string\">'app.current_tenant'<\/span>)::<span class=\"hljs-built_in\">INT<\/span>);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-7\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Setting the Current Tenant<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">For each session, set the current tenant using PostgreSQL session variables.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-8\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">SET<\/span> app.current_tenant = <span class=\"hljs-string\">'1'<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-8\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Testing the Configuration<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Insert data for different tenants and test access.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-9\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-comment\">-- Insert data for tenant 1<\/span>\n<span class=\"hljs-keyword\">INSERT<\/span> <span class=\"hljs-keyword\">INTO<\/span> tenant_data (tenant_id, <span class=\"hljs-keyword\">data<\/span>) <span class=\"hljs-keyword\">VALUES<\/span> (<span class=\"hljs-number\">1<\/span>, <span class=\"hljs-string\">'Tenant 1 Data'<\/span>);\n\n<span class=\"hljs-comment\">-- Insert data for tenant 2<\/span>\n<span class=\"hljs-keyword\">INSERT<\/span> <span class=\"hljs-keyword\">INTO<\/span> tenant_data (tenant_id, <span class=\"hljs-keyword\">data<\/span>) <span class=\"hljs-keyword\">VALUES<\/span> (<span class=\"hljs-number\">2<\/span>, <span class=\"hljs-string\">'Tenant 2 Data'<\/span>);\n\n<span class=\"hljs-comment\">-- Set current tenant to 1<\/span>\n<span class=\"hljs-keyword\">SET<\/span> app.current_tenant = <span class=\"hljs-string\">'1'<\/span>;\n\n<span class=\"hljs-comment\">-- Select data (should only return data for tenant 1)<\/span>\n<span class=\"hljs-keyword\">SELECT<\/span> * <span class=\"hljs-keyword\">FROM<\/span> tenant_data;\n\n<span class=\"hljs-comment\">-- Set current tenant to 2<\/span>\n<span class=\"hljs-keyword\">SET<\/span> app.current_tenant = <span class=\"hljs-string\">'2'<\/span>;\n\n<span class=\"hljs-comment\">-- Select data (should only return data for tenant 2)<\/span>\n<span class=\"hljs-keyword\">SELECT<\/span> * <span class=\"hljs-keyword\">FROM<\/span> tenant_data;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-9\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\">5. Tenant Isolation Strategies<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Schema Per Tenant<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Another approach is to use separate schemas for each tenant. This provides better isolation but can increase complexity.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-10\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-comment\">-- Create schema for tenant 1<\/span>\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">SCHEMA<\/span> tenant1;\n\n<span class=\"hljs-comment\">-- Create schema for tenant 2<\/span>\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">SCHEMA<\/span> tenant2;\n\n<span class=\"hljs-comment\">-- Create tables within schemas<\/span>\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant1.tenant_data (\n    data_id <span class=\"hljs-built_in\">SERIAL<\/span> PRIMARY <span class=\"hljs-keyword\">KEY<\/span>,\n    <span class=\"hljs-keyword\">data<\/span> <span class=\"hljs-built_in\">TEXT<\/span> <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>\n);\n\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant2.tenant_data (\n    data_id <span class=\"hljs-built_in\">SERIAL<\/span> PRIMARY <span class=\"hljs-keyword\">KEY<\/span>,\n    <span class=\"hljs-keyword\">data<\/span> <span class=\"hljs-built_in\">TEXT<\/span> <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>\n);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-10\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Hybrid Approach<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">A hybrid approach combines the Table Per Tenant and Schema Per Tenant models, providing flexibility and scalability.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">6. Performance Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Indexing<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Ensure that the <code>tenant_id<\/code> column is indexed for efficient query performance.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-11\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">INDEX<\/span> idx_tenant_id <span class=\"hljs-keyword\">ON<\/span> tenant_data(tenant_id);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-11\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Partitioning<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Consider partitioning large tables by tenant to improve performance.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-12\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant_data (\n    data_id <span class=\"hljs-built_in\">SERIAL<\/span> PRIMARY <span class=\"hljs-keyword\">KEY<\/span>,\n    tenant_id <span class=\"hljs-built_in\">INT<\/span> <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>,\n    <span class=\"hljs-keyword\">data<\/span> <span class=\"hljs-built_in\">TEXT<\/span> <span class=\"hljs-keyword\">NOT<\/span> <span class=\"hljs-literal\">NULL<\/span>\n) <span class=\"hljs-keyword\">PARTITION<\/span> <span class=\"hljs-keyword\">BY<\/span> <span class=\"hljs-keyword\">LIST<\/span> (tenant_id);\n\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant_data_1 <span class=\"hljs-keyword\">PARTITION<\/span> <span class=\"hljs-keyword\">OF<\/span> tenant_data <span class=\"hljs-keyword\">FOR<\/span> <span class=\"hljs-keyword\">VALUES<\/span> <span class=\"hljs-keyword\">IN<\/span> (<span class=\"hljs-number\">1<\/span>);\n<span class=\"hljs-keyword\">CREATE<\/span> <span class=\"hljs-keyword\">TABLE<\/span> tenant_data_2 <span class=\"hljs-keyword\">PARTITION<\/span> <span class=\"hljs-keyword\">OF<\/span> tenant_data <span class=\"hljs-keyword\">FOR<\/span> <span class=\"hljs-keyword\">VALUES<\/span> <span class=\"hljs-keyword\">IN<\/span> (<span class=\"hljs-number\">2<\/span>);<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-12\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Connection Pooling<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Use connection pooling to manage database connections efficiently. Tools like PgBouncer can help.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">7. Monitoring and Maintenance<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring Queries<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Use PostgreSQL&#8217;s monitoring tools to keep track of query performance and identify bottlenecks.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-13\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\"><span class=\"hljs-keyword\">SELECT<\/span>\n    <span class=\"hljs-keyword\">query<\/span>,\n    calls,\n    total_time,\n    <span class=\"hljs-keyword\">rows<\/span>\n<span class=\"hljs-keyword\">FROM<\/span>\n    pg_stat_statements\n<span class=\"hljs-keyword\">ORDER<\/span> <span class=\"hljs-keyword\">BY<\/span>\n    total_time <span class=\"hljs-keyword\">DESC<\/span>\n<span class=\"hljs-keyword\">LIMIT<\/span> <span class=\"hljs-number\">10<\/span>;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-13\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Backups and Disaster Recovery<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Implement regular backups and disaster recovery plans to ensure data integrity and availability.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-14\" data-shcb-language-name=\"Bash\" data-shcb-language-slug=\"bash\"><span><code class=\"hljs language-bash\">pg_dump multitenant_db &gt; multitenant_db_backup.sql<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-14\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">Bash<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">bash<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h3 class=\"wp-block-heading\">Regular Maintenance<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Perform regular maintenance tasks such as vacuuming and analyzing tables to keep the database performing optimally.<\/p>\n\n\n<pre class=\"wp-block-code\" aria-describedby=\"shcb-language-15\" data-shcb-language-name=\"SQL (Structured Query Language)\" data-shcb-language-slug=\"sql\"><span><code class=\"hljs language-sql\">VACUUM <span class=\"hljs-keyword\">ANALYZE<\/span> tenant_data;<\/code><\/span><small class=\"shcb-language\" id=\"shcb-language-15\"><span class=\"shcb-language__label\">Code language:<\/span> <span class=\"shcb-language__name\">SQL (Structured Query Language)<\/span> <span class=\"shcb-language__paren\">(<\/span><span class=\"shcb-language__slug\">sql<\/span><span class=\"shcb-language__paren\">)<\/span><\/small><\/pre>\n\n\n<h2 class=\"wp-block-heading\">8. Conclusion<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Implementing multi-tenant databases with PostgreSQL&#8217;s Row-Level Security provides a robust and flexible solution for managing multiple tenants within a single application instance. By leveraging RLS, you can ensure data isolation and security while maintaining the benefits of a shared infrastructure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance. This approach not only optimizes resource usage but also simplifies maintenance and updates. One of the key challenges in multi-tenant architectures is ensuring data isolation and security among tenants. PostgreSQL, with its advanced features, provides robust [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[14,22],"tags":[],"class_list":["post-2021","post","type-post","status-publish","format-standard","category-database-development","category-postgresql","entry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Implementing Multi-Tenant Databases with PostgreSQL Row Security<\/title>\n<meta name=\"description\" content=\"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Implementing Multi-Tenant Databases with PostgreSQL Row Security\" \/>\n<meta property=\"og:description\" content=\"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-28T18:09:29+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-28T18:09:33+00:00\" \/>\n<meta name=\"author\" content=\"w3compadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"w3compadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/\"},\"author\":{\"name\":\"w3compadmin\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/#\\\/schema\\\/person\\\/a550b3e20d78bb4f79b7c6b7b53f0561\"},\"headline\":\"Implementing Multi-Tenant Databases with PostgreSQL Row Security\",\"datePublished\":\"2024-06-28T18:09:29+00:00\",\"dateModified\":\"2024-06-28T18:09:33+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/\"},\"wordCount\":612,\"articleSection\":[\"Database Development\",\"PostgreSQL\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/\",\"url\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/\",\"name\":\"Implementing Multi-Tenant Databases with PostgreSQL Row Security\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/#website\"},\"datePublished\":\"2024-06-28T18:09:29+00:00\",\"dateModified\":\"2024-06-28T18:09:33+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/#\\\/schema\\\/person\\\/a550b3e20d78bb4f79b7c6b7b53f0561\"},\"description\":\"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/implementing-multi-tenant-databases-with-postgresql-row-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Articles Home\",\"item\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Database Development\",\"item\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/database-development\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Implementing Multi-Tenant Databases with PostgreSQL Row Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/#website\",\"url\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/\",\"name\":\"Developer Articles Hub\",\"description\":\"\",\"alternateName\":\"Developer Articles\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/#\\\/schema\\\/person\\\/a550b3e20d78bb4f79b7c6b7b53f0561\",\"name\":\"w3compadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/wp-content\\\/litespeed\\\/avatar\\\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266\",\"url\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/wp-content\\\/litespeed\\\/avatar\\\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266\",\"contentUrl\":\"https:\\\/\\\/www.w3computing.com\\\/articles\\\/wp-content\\\/litespeed\\\/avatar\\\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266\",\"caption\":\"w3compadmin\"},\"sameAs\":[\"http:\\\/\\\/w3computing.com\\\/articles\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Implementing Multi-Tenant Databases with PostgreSQL Row Security","description":"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/","og_locale":"en_US","og_type":"article","og_title":"Implementing Multi-Tenant Databases with PostgreSQL Row Security","og_description":"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.","og_url":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/","article_published_time":"2024-06-28T18:09:29+00:00","article_modified_time":"2024-06-28T18:09:33+00:00","author":"w3compadmin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"w3compadmin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/#article","isPartOf":{"@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/"},"author":{"name":"w3compadmin","@id":"https:\/\/www.w3computing.com\/articles\/#\/schema\/person\/a550b3e20d78bb4f79b7c6b7b53f0561"},"headline":"Implementing Multi-Tenant Databases with PostgreSQL Row Security","datePublished":"2024-06-28T18:09:29+00:00","dateModified":"2024-06-28T18:09:33+00:00","mainEntityOfPage":{"@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/"},"wordCount":612,"articleSection":["Database Development","PostgreSQL"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/","url":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/","name":"Implementing Multi-Tenant Databases with PostgreSQL Row Security","isPartOf":{"@id":"https:\/\/www.w3computing.com\/articles\/#website"},"datePublished":"2024-06-28T18:09:29+00:00","dateModified":"2024-06-28T18:09:33+00:00","author":{"@id":"https:\/\/www.w3computing.com\/articles\/#\/schema\/person\/a550b3e20d78bb4f79b7c6b7b53f0561"},"description":"Multi-tenant applications are increasingly common as businesses aim to provide services to multiple customers from a single application instance.","breadcrumb":{"@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.w3computing.com\/articles\/implementing-multi-tenant-databases-with-postgresql-row-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Articles Home","item":"https:\/\/www.w3computing.com\/articles\/"},{"@type":"ListItem","position":2,"name":"Database Development","item":"https:\/\/www.w3computing.com\/articles\/database-development\/"},{"@type":"ListItem","position":3,"name":"Implementing Multi-Tenant Databases with PostgreSQL Row Security"}]},{"@type":"WebSite","@id":"https:\/\/www.w3computing.com\/articles\/#website","url":"https:\/\/www.w3computing.com\/articles\/","name":"Developer Articles Hub","description":"","alternateName":"Developer Articles","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.w3computing.com\/articles\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.w3computing.com\/articles\/#\/schema\/person\/a550b3e20d78bb4f79b7c6b7b53f0561","name":"w3compadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.w3computing.com\/articles\/wp-content\/litespeed\/avatar\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266","url":"https:\/\/www.w3computing.com\/articles\/wp-content\/litespeed\/avatar\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266","contentUrl":"https:\/\/www.w3computing.com\/articles\/wp-content\/litespeed\/avatar\/bd481d404e42caa2763662a3bfe825f8.jpg?ver=1780141266","caption":"w3compadmin"},"sameAs":["http:\/\/w3computing.com\/articles"]}]}},"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"w3compadmin","author_link":"https:\/\/www.w3computing.com\/articles\/author\/w3compadmin\/"},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/posts\/2021","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/comments?post=2021"}],"version-history":[{"count":2,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/posts\/2021\/revisions"}],"predecessor-version":[{"id":2023,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/posts\/2021\/revisions\/2023"}],"wp:attachment":[{"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/media?parent=2021"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/categories?post=2021"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.w3computing.com\/articles\/wp-json\/wp\/v2\/tags?post=2021"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}