The Cloud Playbook

TCP #107: Database Architecture for Multi-Tenant Platforms: The Tradeoffs Nobody Explains Well

What I would build differently and the one rule I enforce at tenant onboarding now.

Amrut Patil
Mar 11, 2026

When we onboarded our ninth external tenant, we ran into a wall.

A compliance audit required per-tenant evidence of data isolation. Our pooled RDS instance, with row-level security as the only enforcement layer, could not produce that evidence cleanly.

We spent six weeks generating audit documentation that a siloed architecture would have produced automatically.

The database architecture decision I made at tenant two was still costing us at tenant nine.

This is how I evaluate it now.


THREE DATABASE ISOLATION MODELS. ONE CHOICE. NO EASY UNDO.

Every multi-tenant platform on AWS eventually faces the same fork: how do you store tenant data?

Three models dominate the decision.
