
PostgreSQL RLS Is Fail-Closed, But Is It Fast? Making django-rls-tenants Index-Friendly
A couple of days ago I published a post about why PostgreSQL Row-Level Security is the right approach to Django multitenancy. The short version: application-level filtering is opt-in, RLS is opt-out. One fails by leaking data, the other fails by returning nothing. I still stand by all of that.

But after spending more time with RLS on actual data -- not the neat 50-row test tables I started with -- I ran into something the PostgreSQL documentation doesn't make obvious. RLS policies have a performance cost, and it's not where you'd expect it.

The isolation itself is rock solid. The problem is the query planner. PostgreSQL has opinions about how RLS policy expressions get evaluated, and those opinions can prevent your indexes from doing their job. I only noticed because a query that should have been fast wasn't, and EXPLAIN told me a story I didn't expect.

This post is about what I found, why it happens, and what changed in django-rls-tenants 1.1.0 to fix it.

The Problem: RLS Policies Ca
Continue reading on Dev.to Python



