← Back to Topics

Postgres Row-Level Security

Discussions center on using PostgreSQL's row-level security (RLS) and RBAC for fine-grained database access control, including comparisons with API-level auth and tools like Supabase, PostgREST, and Hasura.

➡️ Stable 0.6x Databases
3,317
Comments
19
Years Active
5
Top Authors
#4739
Topic ID

Activity Over Time

2008
8
2009
22
2010
33
2011
44
2012
91
2013
50
2014
88
2015
101
2016
191
2017
147
2018
147
2019
139
2020
260
2021
404
2022
386
2023
380
2024
369
2025
405
2026
54

Top Contributors

jzelinskie (27) ogazitt (23) dragonwriter (21) ruslan_talpa (20) samjs (19)

Keywords

ABAC NEED OSS ACL SLEEP UI LDAP AI authzed.com SQL permissions row access control access security supabase role permission postgres authorization

Sample Comments

eddd-ddde Aug 27, 2023 View on HN

Would something like Postgres RLS be enough?

andrewstuart Apr 18, 2024 View on HN

I wonder if Postgres RBAC row based access control is another solution to this.

emmelaich Jul 16, 2022 View on HN

I think it's more about access control. They don't do any access control at the db level afaik.

DrBenCarson Jul 24, 2023 View on HN

How hard is it to have an API with reasonable RBAC? Why does it NEED database access?

SahAssar May 11, 2024 View on HN

What permissions logic is not easily expressed in your database?

jdc Mar 19, 2020 View on HN

Seems like a good usecase for row-level permissions

davidrusu Dec 19, 2015 View on HN

I'm excited for row level security, it's going to make auth so much easier to work with when using Postgrest

k00b Jul 23, 2020 View on HN

Absolutely fine grain access control is a must have

aazo11 May 25, 2024 View on HN

As I wrote on the original thread, we recommend using the RDBMS row-level security features.This blog discusses how to do that on Postgreshttps://www.2ndquadrant.com/en/blog/application-users-vs-row...

spdustin Feb 26, 2024 View on HN

You can use row-level security, or specify RBAC with pretty much any SQL query.