Skip to content
ai-de.net/Projects/P30 · Enterprise AI Platform — multi-tenant governed RAG
Last updated By AI-DE Engineering Team
EXPERT-tier · PRO unlocks Module 01AI & vectors trackP30

Build a
governed enterprise
AI platform — RAG with audit

Ship a multi-tenant RAG platform with Postgres RLS isolation, Presidio PII redaction, prompt-injection + jailbreak guardrails, a Redis-backed policy engine, per-tenant token cost tracking, and 5 committed ADRs. Module 01 unlocks with PRO; the platform unlocks with EXPERT.

Timeline
20-26 hours
Difficulty
Senior+
Stack
FastAPI · Anthropic · pgvector · Presidio · Redis · OTel
See EXPERT benefits

The governance system-design portfolio piece for staff AI roles — 5 committed ADRs, a Presidio + RLS reference build, a runnable cost model, and an on-call runbook you can defend in an architecture review.

By the end you will have wired
  • Per-tenant /v1/chat with JWT auth and Postgres RLS isolation on pgvector
  • Presidio PII redaction with an immutable audit log and GDPR data-deletion
  • Lineage DAG in Redis + a policy engine + an agent approval queue
  • Prompt-injection + jailbreak + output-filter guardrails with Prometheus alerts
  • Per-tenant token cost tracker with daily projections + Grafana cost panel
  • 5 ADRs (one Deprecated) committed alongside the code, plus a real cost-model CSV
PREREQ · SENIOR+Built for engineers shipping AI in regulated orgs. Comfortable with Python services, Postgres + RLS basics, and at least one of: retrieval, vendor LLM APIs, or a policy/audit pipeline. Not a “what is RAG” course.
aip.platform · tenant=acme · 4 active
RLS + audit ✓
TENANTGATEWAY · POLICY · SAFETYRAG + LLMSTATEacmezenithnorthwind+1 tenantFastAPI · JWTinjection-detectpolicy-enforcerpii-redact (Presidio)agent-approvalRBAC retrieverpgvector + RLSClaude HaikuClaude Sonnetoutput-filtercascade · 70% Haikupgvectorper-tenantaudit-logper-tenantredis-policyper-tenantredis-costper-tenanttenant_cost_tracker · acme · 30-dayhaiku 1.4M in / 0.4M out → $2.72sonnet 0.6M in / 0.18M out → $4.50→ projected MTD: $7.22 (budget $40) ✓⚡ safety · 24h rolling · acmePII redactions: 412 (target ≤ 1k/day) ✓jailbreak blocks: 3 (review queue: 1)→ on-call: page if ≥ 50 PII or ≥ 1/5m injection
4
tenants seeded
RLS + RBAC
isolation model
5 ADRs
committed
Curriculum · 4 modules · 20-26 hours

Module 01 unlocks with PRO. The full platform with EXPERT.

Module 01 (~5h) ships a working multi-tenant RAG service with audit + Presidio — included with PRO. Modules 02-04 (~15h additional) layer on the lineage / safety / multi-tenant scale story and unlock with EXPERT.

P30 · 4 modules · 20-26 hours · 50 lessons
Free preview EXPERT required
M01
RAG + Compliance Core
FastAPI gateway, pgvector retrieval with permission levels, Presidio PII redaction, GDPR data-deletion manager, and an immutable audit log with checksums. The honest baseline you ship before anything else exists.
5h12 lessonsPRO TIER
Unlock with PRO →
M02
Lineage, Policy, Agent Approvals
Redis-backed lineage DAG (input → retrieval → LLM → output), a policy enforcer with rule actions (allow / deny / require_approval / mask), a SecureAgentExecutor with human-in-the-loop gating, and a compliance report exporter.
4h11 lessonsEXPERT TIER
Unlock with EXPERT →
M03
Safety Guardrails + Observability
Prompt-injection detector, jailbreak prevention middleware (roleplay + authority-bypass patterns), output filter for credential leaks, Prometheus metrics + Grafana panels (PII rate, injection attempts, token cost), an on-call runbook, and a red-team pytest suite.
5h13 lessonsEXPERT TIER
Unlock with EXPERT →
M04
Multi-Tenancy at Scale
Postgres Row-Level Security policy, tenant context middleware, tiered RBAC (admin/analyst/viewer/agent), Redis sliding-window rate limiter, per-tenant token cost tracker with daily projections, OpenTelemetry per-tenant spans, and a cross-tenant leakage checker.
6h14 lessonsEXPERT TIER
Unlock with EXPERT →
Module 01 with PRO ($29/mo) · Modules 02-04 with EXPERT ($79/mo)
See plans →
Backed by curriculum
Enterprise AI Infrastructure
8 modules14 hoursMulti-tenant · RBAC · PII · Audit
Open curriculum
iThis curriculum is the foundation for the project — it’s not a sales add-on. EXPERT subscribers get full access to all modules.
The build, in 3 phases

Foundation. Governance. Scale.

Each phase ends with a tagged release, a passing red-team suite, and an audit-log review. No ambiguity about where you are.

01~5h
Foundation (Module 01)

RAG + Compliance Core running locally. Per-tenant retrieval with permission levels, Presidio redaction, immutable audit log.

  • Working /v1/chat per tenant
  • Presidio PII redaction middleware
  • Audit-log table with checksums
02~9h
Governance (Modules 02-03)

Lineage + policy + approvals + safety guardrails. Prompt injection / jailbreak / output filtering with Prometheus + Grafana + runbook.

  • Redis lineage DAG + policy engine
  • Agent approval queue with HITL gate
  • Red-team pytest suite + Grafana safety dashboard
03~6h
Scale (Module 04)

Multi-tenant hardening. RLS, tenant RBAC, rate limiting, per-tenant cost tracker, OTel observability, leakage checker.

  • Postgres RLS + tenant context middleware
  • Per-tenant cost panel + daily projections
  • Cross-tenant leakage checker + OTel per-tenant spans
Project setup · 15 minutes

One command. Local FastAPI + Postgres + pgvector + Redis + Presidio.

What lives in the repo

You get the real platform on day one — FastAPI as the gateway, PostgreSQL + pgvector for retrieval, Redis for lineage / policy / approval queue / rate limit / cost, Presidio for PII detection, and Prometheus + Grafana for safety + cost dashboards.

  • compose.{core,full}.yml — Postgres + pgvector, Redis, Prometheus, Grafana
  • api/ + rag/ — FastAPI gateway + RBAC retriever + Anthropic Claude pipeline
  • governance/ — lineage DAG, policy enforcer, secure agent executor
  • safety/ — injection detector, jailbreak middleware, output filter
  • auth/ + middleware/ + db/ — tenant context, tenant RBAC, Postgres RLS setup
  • docs/adr/ + docs/cost-model/ — 5 ADRs (one Deprecated) + the runnable cost-model CSV
Download · Starter Kit · 75 files · 262 KB

Enterprise AI Platform Starter Kit

Pre-built governed-RAG stack with seeded multi-tenant Postgres, Redis, Prometheus + Grafana, the red-team pytest suite. Now bundled: 5 committed ADR markdown files (docs/adr/) and the runnable cost-model CSV (docs/cost-model/) — unzip and read them straight from the repo.

EXPERT project · 75 files · ADRs + cost model bundled · last updated 2026-05-09
~/projects/enterprise-ai-platform — zsh
1. Unzip and start the platform
$ unzip enterprise-ai-platform-starter.zip
$ cd enterprise-ai-platform && cp .env.example .env
$ docker compose -f docker-compose.full.yml up -d
2. Send a multi-tenant request
$ curl -X POST http://localhost:8000/v1/chat \
$ -H 'X-Tenant-ID: acme' -H 'X-User-Role: analyst' \
$ -d '{"query":"Summarize Q4 earnings"}'
3. Run the red-team pytest suite
$ pytest tests/red_team/test_guardrails.py -v
4. Open the cost panel + verify per-tenant attribution
$ open http://localhost:3000/d/enterprise_ai_safety # Grafana
$ redis-cli HGETALL cost:acme:2026-05
4
tenants seeded
~5k
seed docs
505 KB
SQL fixtures
18
red-team cases
Production hardening

The same RAG demo — but built for the regulated case.

Most AI tutorials show you a notebook hitting a vendor API. This shows what changes when 4 tenants share infrastructure, compliance owns the audit log, and finance asks for unit economics.

Notebook RAGWhat most teams ship
×
Identity
One API key shared across users
×
PII
Hope nothing sensitive ends up in prompts
×
Policy
Hard-coded if-statements in Python handlers
×
Failure mode
Hallucination + jailbreak ship to prod
×
Cost
Whatever the bill says next month
×
Agent loop
While-loop; dies on timeout
Your governed RAGModule 01–04
Identity
Per-tenant JWT, RLS on pgvector, role-based RBACRetriever
PII
Presidio redaction at ingest + on output, with audit entries for every match
Policy
Redis-backed JSON rules + PolicyEnforcer; hot-reload without redeploy
Failure mode
Injection + jailbreak + output filter; immutable audit log on every call
Cost
Per-tenant token attribution + daily projections + Grafana cost panel
Agent loop
Approval queue (Redis 24h TTL) + HITL escape + structured audit (ADR-004)
EXPERT-only · architecture decision records

Write the ADRs staff engineers actually get judged on.

Five ADRs ship inside the starter-kit zip at docs/adr/, one per major decision in the build, including a real Deprecated ADR documenting the v1 → RLS migration. The kind of doc that travels with you to your next role. Preview ADR-001 →

ADR-001Accepted

Use Anthropic Claude API over self-hosted inference for v1

Context
Small team, 4-tenant beta, time-to-shipped > per-token cost at v1 scale
Decision
Adopt the anthropic SDK; pipeline interface is one method call
Tradeoff
Vendor lock-in surface vs near-zero day-1 setup cost
Reversal
vLLM swap is ~1 engineer-week behind the router; crossover at ~80M tok/mo
ADR-002Accepted

Multi-tenant isolation via Postgres RLS, not schema-per-tenant

Context
Hard isolation requirement; schema-per-tenant ops cost too high at <50 tenants
Decision
tenant_id on every row + RLS POLICY tenant_isolation + session var
Tradeoff
Larger composite indexes; defense-in-depth at the DB layer
Reversal
Per-tenant migration to schema-per-tenant is documented; ~3d/tenant
ADR-003Accepted

Policy engine is Python rules + Redis store, not OPA/Rego

Context
Policies must hot-reload; Rego learning curve costs more than it buys at v1
Decision
PolicyEnforcer reads JSON rules from Redis; eq / in / gte ops only
Tradeoff
No formal verification; lower expressiveness vs zero-new-infra
Reversal
OPA swap is ~2 engineer-weeks; ~30 rules to translate to Rego
ADR-004Accepted

Approval queue is Redis with 24h TTL, not Temporal workflow

Context
Stateful approvals; durability + auto-reject on stale; Temporal infra cost > value at v1
Decision
SETEX approval:{tenant_id}:{req_id} with 24h TTL; reviewer mutates status
Tradeoff
24h hard cap; no compensating actions; no multi-approver fan-out
Reversal
Temporal swap is 3-4 engineer-weeks; well-scoped triggers documented
ADR-005Deprecated

Single shared documents table for all tenants (v1)

Context
MVP shipped without tenant_id; permission_level alone for access control
Decision
Reverted in M04 — added tenant_id + RLS + composite indexes
Why reversed
Cross-tenant join risk + index rot at scale; security review flagged it
Replaced by
ADR-002 (RLS multi-tenant)
EXPERT-only · cost model

Read the FinOps story for the build you actually ship.

Module 04 ships a runnable cost-model CSV inside the starter-kit zip at docs/cost-model/. 4-tenant beta load, real Anthropic + AWS RDS + ElastiCache list prices, with model-cascade and reserved-instance levers wired up. The version you’ll defend to a CFO. Preview the CSV →

ComponentBaseline / moOptimized / moDelta
Anthropic Claude (Haiku)
70% of mix · 4 tenants × ~1.4M in/0.4M out tok/mo
$112
$28
−$84
Anthropic Claude (Sonnet)
30% of mix · escalation only when confidence < 0.7
$47
$28
−$19
Postgres + pgvector (RDS)
db.t4g.medium · 100GB gp3 · 4 tenants × 1M chunks
$98
$68
−$30
ElastiCache Redis
cache.t4g.small primary + replica · lineage + policy + approval + cost
$54
$36
−$18
OTel + Grafana Cloud free tier
50GB logs + 50GB traces + 10K series included
$12
$12
Total · 4 tenants
~$0.30 per 1k requests at baseline
$331
$180
−$151 (−46%)

Optimization levers

Model cascade (Haiku → Sonnet)
Route 70% to Claude Haiku first; escalate to Sonnet only when confidence < 0.7. Premium tenants opt in to direct-Sonnet.
−$95 / mo
RDS + ElastiCache 1-yr reserved
Commit to 12-month reserved capacity once load is stable for 30 days. ~30% off both stores.
−$48 / mo
Embedding batch + LRU cache
Coalesce embedding calls per 50ms window; LRU cache on near-duplicate queries.
−$8 / mo
EXPERT benefit · cohort beta

Async architecture review with a staff-level reviewer (cohort beta).

Submit your repo, your ADR draft, or your safety-rule rollout plan. A staff or principal-level reviewer who has shipped this exact stack responds within 7 days with line-by-line comments. Cohort capped at 12 members.

Bring a diff, an ADR draft, or a runbook.

The cohort beta runs as async architecture review — pick a reviewer by topic, send the artifact, get inline comments + a Loom walkthrough back. No back-and-forth scheduling. No 30-minute slot pressure.

MR
Mira R.
Ex-staff · LLM platform · top-3 cloud
Multi-tenant inference, RLS at scale, model promotion + A/B canary patterns
Send the diff. I'll go line-by-line through your retriever and the RLS predicates and pick out the joins that leak.
DK
Daniel K.
Principal · agent platform · enterprise SaaS
Agent design, approval gating, HITL flows, audit-trail compliance reviews
Send your worst trace. We'll walk it backwards from the audit log to the policy that should have blocked it.
AS
Anya S.
Eng manager · AI infra · public Series-D
Org design for AI teams, hiring rubrics, staff-engineer interview prep, scoping
If you're prepping for staff promo, send your ADR draft. We'll work backwards from the rubric.
Format
Async
Turnaround
7 days
Cohort
12 members
Scope
ADR + arch review
Request a slot
What your tier unlocks

PRO unlocks Module 01. EXPERT unlocks the full platform.

PRO is the entry point — Module 01 plus the rest of the PRO catalog. EXPERT unlocks Modules 02-04 of this build, the 5 ADRs, the cost-model CSV, and the cohort-beta async review.

What you getFREEPROEXPERT
Module 01 of P30
RAG + Compliance Core (~5h)
Included
Included
Modules 02-04 of P30
Lineage / Safety / Multi-tenant (~15h)
Included
5 committed ADRs + cost-model CSV
Starter kit docs/adr/ + docs/cost-model/
Included
PRO project catalog
Production-grade builds
2
All current
All current + this one
Curriculum
All 7 tracks
Phase 1 only
All
All + bonus modules
Code review
Senior+ reviewers
4 / month
Unlimited
Cohort-beta architecture review
Async · 7-day turnaround · 12-member cap
Included
Certificate
Verifiable on LinkedIn
Yes
Yes + LinkedIn rec
$79/mo
billed monthly · open enrollment · cancel anytime
or annual
$699/yr save 26%
Unlock EXPERT
Who this is for

Pick this if you own the audit log, not just a feature.

ST

Staff / principal engineers

You own the audit log, the safety pipeline, and the multi-tenant story your security team will pull apart in their next review.

EM

Engineering managers · AI

You need a reference architecture for the governance + safety questions your CISO will ask before the AI team gets headcount approval.

PA

Platform / infra leads

You absorb AI without absorbing 6 new vendors. RLS, Redis, Prometheus, Postgres — tools you already operate. This is the playbook.

FR

Founding engineers · AI startups

Your investors will ask about compliance posture before they ask about scale. The 5 ADRs + cost model + audit log is the answer.

Related curriculum

Going deeper? Four tracks back this project.

The Enterprise AI Infrastructure curriculum is the foundation. These four tracks let you go deeper on the parts that matter most for your role.

Agentic Workflows

Approval-gated agent loops, HITL design, audit trails, durable retries.

7 modules · 24 hoursAGENT APPROVAL DEEP-DIVE

LLM Evaluation

Faithfulness, groundedness, golden sets, eval-as-canary, regression in CI.

5 modules · 14 hoursSAFETY METRICS DEEP-DIVE

RAG Learning Path

Chunking, hybrid retrieval, reranking, query rewriting, evaluation.

8 modules · 35 hoursRAG FOUNDATION FOR M01

Vector Databases & Retrieval Infrastructure

pgvector tuning, HNSW vs IVFFlat, sharding at 100M+, multi-tenancy.

15 modules · ~28 hoursPGVECTOR + RLS DEEP-DIVE
Browse all 7 curriculum tracks
FAQ · EXPERT tier

Quick answers.

ADR-001 lays out the full tradeoff. Short version: at the 4-tenant beta load this project targets, the Anthropic API costs ~$200/mo vs ~$1,200/mo idle GPU on a self-hosted stack. The crossover is at ~80M tokens/month per tenant — the cost-model CSV in the starter kit shows the math. The pipeline interface is a single method call, so the swap is ~1 engineer-week behind the router whenever you cross that line.
Module 01 (RAG + Compliance Core) is included with PRO at $29/mo. The rest of the platform — Modules 02-04 (lineage / policy / safety / multi-tenant scale), the 5 committed ADRs, the runnable cost-model CSV, and the cohort-beta async architecture review — unlocks with EXPERT at $79/mo. PRO gets you the foundation; EXPERT gets you the system you'd defend in an architecture review.
Not for v1. The cohort beta runs as async review: you submit a diff / ADR / runbook, a staff-level reviewer responds within 7 days with inline comments + a Loom walkthrough. Cohort is capped at 12 members so reviewers can keep the SLA. We'll evaluate adding live 1:1 sessions once the cohort signal is solid.
20-26 hours of focused work across 4 modules. Most learners spread it across 4-6 weeks alongside a day job. Module 01 alone is ~5 hours and gets you a shipping multi-tenant RAG service.
It's a strong forcing function. Staff AI interviews lean heavily on system design (multi-tenant, audit, safety, cost) and on having opinions backed by real tradeoffs. The 5 ADRs you'll commit (one Deprecated, with receipts) are exactly the artifacts a panel asks about. Pair with the cohort-beta review on your final repo and you have a portfolio.
Yes — receipts and a learning-budget letter are downloadable on subscription. Many EXPERT learners are reimbursed under engineering training or AI upskilling budgets.
Related projects

Paired with this project

P06PAIDai
Enterprise RAG — retrieval-quality build

EXPERT-tier retrieval-quality RAG: 4-strategy chunking A/B (62/78/85%), hybrid BM25 + dense + RRF, cross-encoder reranker, RAGAS 4-metric canary, LLM gateway with fallback. 5 ADRs + cost-model CSV bundled.

Explore project →

Ready to ship a governed AI platform?

Start with PRO ($29/mo) for Module 01 — RAG + Compliance Core. Or unlock the full 4-module platform plus 5 ADRs, the cost-model CSV, and cohort-beta architecture review with EXPERT ($79/mo).

See EXPERT benefits
P30 · Enterprise AI Platform · EXPERT · PRO unlocks M01Unlock EXPERT →
Press Cmd+K to open