Skip to content
New: see your fit and get a tailored quote in minutes.Try the estimator
Menu

Pelajaran 10 / 17

Database-enforced isolation

Tenants are kept apart at the database itself, with Postgres row-level security (RLS) set to FORCE, fail-closed and transaction-scoped. This is the most defensible part of the platform's security story. Key points:

  • Isolation is enforced in the database, not by app-layer filtering you have to trust. The guarantee holds even if application code has a bug.
  • RLS FORCE means even a privileged connection is subject to the row-level rules, so a query cannot quietly read across tenants.
  • A grant is bounded by tenant. Access governance and connectors all sit inside that boundary; a grant cannot reach across tenants because the database will not let it.