BetweenRowsDocumentation

A fully customizable data access governance layer — install, configure, and operate the SQL-aware proxy that enforces fine-grained access policies in real-time.

Quickstart

Introduction

betweenrows.dev

Start

Introduction, Quickstart, and the demo schema. From a single `docker run` command to a policy-protected query in under 15 minutes.

Get started

Concepts

Architecture, policy model, security overview, threat model, known limitations, and glossary. Begin here if you are evaluating BetweenRows.

Understand the system

Features

Data sources, users and roles, attributes, the policy system (types, template expressions, decision functions), and audit and debugging.

Explore features

Guides

Deploy with Docker or Fly, configure, upgrade, back up, troubleshoot, and follow end-to-end recipes like multi-tenant isolation.

Run in production

About

Roadmap, changelog, and license.

See the roadmap

TIP

Pin your Docker image to a specific version tag (e.g., ghcr.io/getbetweenrows/betweenrows:0.16.2) rather than :latest so upgrades stay deliberate.

For security and compliance reviewers

Start with the Security Overview — a curation page that frames the threat model, trust boundaries, and deployment checklist, then links to the detailed concept and reference pages. Then skim Architecture, Policy Model, and Known Limitations.

For developers and DBAs

Start with the Quickstart — it walks from a single docker run command to a working policy-protected query in under 15 minutes. Then read the Write your first row filter guide and the Multi-tenant isolation flagship tutorial.