← Lessons

quiz vs the machine

Gold1460

System Design

Multi Tenancy Isolation Models

Choosing how much to separate one customer from another in shared software.

5 min read · core · beat Gold to climb

What multi tenancy means

A multi tenant system serves many customers, called tenants, from shared software. The central design question is how much to isolate one tenant's data and resources from another. There is a spectrum.

The isolation spectrum

  • Shared everything stores all tenants in one database with a tenant id column on each row. Cheapest and easiest to operate, but a missing filter can leak data across tenants.
  • Schema or database per tenant gives each tenant their own schema or database. Stronger isolation and easier per tenant backup, but more to manage as tenants grow.
  • Stack per tenant runs separate infrastructure per tenant. Maximum isolation, often for regulated or large customers, at the highest cost.

The tradeoff

You trade cost and operational simplicity against isolation and blast radius. Many products start shared and move large or sensitive tenants onto dedicated databases over time.

Key idea

Multi tenancy spans a spectrum from a shared table with a tenant id to a full stack per tenant, trading lower cost against stronger isolation and a smaller blast radius.

Check yourself

Answer to earn rating on the learn ladder.

1. What is the main risk of the shared table with a tenant id model?

2. What do you gain by moving to a database per tenant?