Multi Tenancy

Implement tenant-level isolation with LangDB’s robust multitenancy architecture, featuring row policies in ClickHouse and secure metadata controls in Postgres.

This document outlines the multitenancy implementation in LangDB, explaining how data isolation is maintained across different tenants.

Overview

LangDB implements a robust multitenancy model that ensures complete isolation of tenant data while maintaining efficient resource utilization. This approach is implemented across different data storage systems used in the platform.

Clickhouse (Observability)

Clickhouse is used for analytics and observability in LangDB. The multitenancy implementation in Clickhouse includes:

Custom Role and User for Every Tenant

Each tenant in LangDB has a dedicated Clickhouse user and role
These custom roles enforce access permissions specific to the tenant's data
Authentication and authorization are managed at the tenant level
Prevents cross-tenant data access even at the database level

Row Policy Based Tenant Isolation

All read operations in Clickhouse are governed by row policies
Row policies filter data based on the tenant_name column
When a tenant's credentials are used for database access, the row policy automatically restricts results to only that tenant's data
This provides a zero-trust isolation model where the application doesn't need to include tenant filters

Controlled Insert Operations

All inserts into Clickhouse tables automatically populate the tenant column
The tenant column is populated based on the authenticated user context
Direct inserts by tenants are not allowed, preventing potential data integrity issues
Insert operations are performed via service accounts with appropriate tenant context

Postgres (Metadata)

Postgres is used as the primary metadata storage in LangDB. The multitenancy implementation in Postgres includes:

Application-Level Tenant Isolation

Tenant isolation is implemented at the application logic level
All database queries include tenant-specific filters
Application code ensures that queries only return records belonging to the authenticated tenant
Modifications are restricted to only the tenant's own data through application context

Metadata Security Measures

Tenant identifier is a required column in all tenant-specific tables
All database operations include tenant context validation
Application middleware enforces tenant context for every database operation

Implementation Across Environments

This multitenancy model is consistently implemented across Langdb's AWS and GCP deployments, ensuring that tenant data remains securely isolated regardless of the cloud provider.

PreviousDeploying on GCP (Beta)NextConfiguring Data Retention

Last updated 9 months ago

Was this helpful?

hashtagOverview

hashtagClickhouse (Observability)

hashtagCustom Role and User for Every Tenant

hashtagRow Policy Based Tenant Isolation

hashtagControlled Insert Operations

hashtagPostgres (Metadata)

hashtagApplication-Level Tenant Isolation

hashtagMetadata Security Measures

hashtagImplementation Across Environments