ワンクリックで
multi-tenancy
Multi-tenant architecture patterns: row-level, schema-level, database-level isolation and tenant routing
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Multi-tenant architecture patterns: row-level, schema-level, database-level isolation and tenant routing
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
SOC 職業分類に基づく
**Architecture Decision Record (ADR) — Philosophy-First**: Creates well-structured ADRs using a 3-phase process: (1) Define the architectural philosophy and identity of the system, (2) Explore options through the lens of that philosophy, (3) Adversarial review by a devil's advocate agent. Use this skill whenever the user wants to document a technical decision, create an ADR, record why a technology or approach was chosen, compare architectural alternatives, or mentions 'ADR', 'architecture decision', 'decision record', 'technical decision', 'why did we choose', or 'document this decision'. Also trigger when the user is evaluating trade-offs between technical approaches and wants to formalize the reasoning.
**AI/ML Engineering Review**: Reviews AI/ML systems for production readiness — model serving, MLOps pipelines, LLM integration patterns, prompt engineering, evaluation frameworks, and responsible AI. Covers model deployment, feature stores, experiment tracking, monitoring/drift detection, and AI safety. Use when the user mentions ML, AI, machine learning, model, LLM, GPT, Claude, embeddings, RAG, fine-tuning, MLOps, model serving, feature store, or any AI/ML infrastructure.
**API Documentation & Design (OpenAPI/Swagger)**: Helps write and review API documentation, generate OpenAPI/Swagger specs, design RESTful APIs, and document GraphQL schemas. Use whenever the user mentions 'API docs', 'Swagger', 'OpenAPI', 'API specification', 'API design', 'REST API', 'endpoint documentation', 'API contract', 'API versioning', 'GraphQL schema', 'API reference', or asks to document their API, generate a Swagger spec, design API endpoints, or review API contracts for consistency.
API Gateway design patterns including rate limiting, authentication, versioning, BFF and circuit breaking
ARB process design, RFC governance, decision log and technical review workflows
**Backend Code Review (Node.js, Java, Microservices)**: Expert review of backend code focusing on Node.js, Java, Clean Architecture, SOLID principles, microservices patterns, SQL/database design, messaging (Kafka, SQS, SNS), and payment flows. Use whenever the user wants a review of backend code, API design, service architecture, database queries, or mentions Node, Java, Spring, NestJS, Express, microservices, REST API, gRPC, or asks to review server-side code. Also trigger for database schema reviews, query optimization, and message queue patterns.
| name | multi-tenancy |
| description | Multi-tenant architecture patterns: row-level, schema-level, database-level isolation and tenant routing |
| category | architecture |
| preferred-model | opus |
| min-confidence | 0.8 |
| depends-on | ["database-review","security-review"] |
| estimated-tokens | 6000 |
| triggers | {"domains":["saas"],"frameworks":["postgres","prisma","typeorm"]} |
| tags | ["multi-tenant","saas","isolation","sharding"] |
┌──────────────────────────────┐
│ Single Database │
│ ┌────────────────────────┐ │
│ │ users table │ │
│ │ tenant_id │ name │ │
│ │ ──────────┼────────── │ │
│ │ company_a │ Alice │ │
│ │ company_b │ Bob │ │
│ └────────────────────────┘ │
└──────────────────────────────┘
Pros: Simple, cheap, easy to maintain
Cons: Risk of data leakage, shared resources
Best for: Small/medium SaaS, cost-sensitive
Implementation — TypeORM Global Scope:
// Middleware injects tenant
@Injectable()
export class TenantMiddleware implements NestMiddleware {
use(req: AuthRequest, res: Response, next: NextFunction) {
req.tenantId = req.user?.companyId;
next();
}
}
// Repository automatically filters by tenant
@Injectable()
export class TenantAwareRepository<T> {
constructor(private repo: Repository<T>) {}
findAll(tenantId: string): Promise<T[]> {
return this.repo.find({ where: { tenant_id: tenantId } as any });
}
// CRITICAL: NEVER allow findAll without tenantId
}
// Global subscriber (safety net)
@EventSubscriber()
export class TenantSubscriber implements EntitySubscriberInterface {
afterLoad(entity: any) {
// Verify tenant match on every load (paranoia mode)
}
beforeInsert(event: InsertEvent<any>) {
// Auto-inject tenant_id
if (event.entity && !event.entity.tenant_id) {
event.entity.tenant_id = getCurrentTenantId();
}
}
}
┌──────────────────────────────┐
│ Single Database │
│ ┌──────────┐ ┌──────────┐ │
│ │ schema_a │ │ schema_b │ │
│ │ users │ │ users │ │
│ │ orders │ │ orders │ │
│ └──────────┘ └──────────┘ │
└──────────────────────────────┘
Pros: Good isolation, shared infra cost
Cons: Schema migration complexity, connection pooling
Best for: Medium SaaS, regulated industries
┌──────────┐ ┌──────────┐ ┌──────────┐
│ DB_A │ │ DB_B │ │ DB_C │
│ users │ │ users │ │ users │
│ orders │ │ orders │ │ orders │
└──────────┘ └──────────┘ └──────────┘
Pros: Maximum isolation, per-tenant backup/restore
Cons: Expensive, complex management
Best for: Enterprise, healthcare, financial
// Router that selects connection based on tenant
@Injectable()
export class TenantConnectionManager {
private connections = new Map<string, Connection>();
async getConnection(tenantId: string): Promise<Connection> {
if (this.connections.has(tenantId)) {
return this.connections.get(tenantId);
}
const config = await this.configService.getTenantDbConfig(tenantId);
const connection = await createConnection({
name: tenantId,
...config,
});
this.connections.set(tenantId, connection);
return connection;
}
}