jpskill.com
🛠️ 開発・MCP コミュニティ

saas-architecture-advisor

Advises on multi-tenant SaaS architecture decisions including tenancy models, data isolation strategies, tenant routing, and scaling patterns. Use when someone is building a SaaS product, converting single-tenant to multi-tenant, or evaluating isolation strategies. Trigger words: multi-tenant, SaaS architecture, tenant isolation, shared database, per-tenant database, row-level security, tenant routing, SaaS patterns.

⚡ おすすめ: コマンド1行でインストール(60秒)

下記のコマンドをコピーしてターミナル(Mac/Linux)または PowerShell(Windows)に貼り付けてください。 ダウンロード → 解凍 → 配置まで全自動。

🍎 Mac / 🐧 Linux 
mkdir -p ~/.claude/skills && cd ~/.claude/skills && curl -L -o saas-architecture-advisor.zip https://jpskill.com/download/15358.zip && unzip -o saas-architecture-advisor.zip && rm saas-architecture-advisor.zip
🪟 Windows (PowerShell) 
$d = "$env:USERPROFILE\.claude\skills"; ni -Force -ItemType Directory $d | Out-Null; iwr https://jpskill.com/download/15358.zip -OutFile "$d\saas-architecture-advisor.zip"; Expand-Archive "$d\saas-architecture-advisor.zip" -DestinationPath $d -Force; ri "$d\saas-architecture-advisor.zip"

完了後、Claude Code を再起動 → 普通に「動画プロンプト作って」のように話しかけるだけで自動発動します。

💾 手動でダウンロードしたい(コマンドが難しい人向け)
  1. 1. 下の青いボタンを押して saas-architecture-advisor.zip をダウンロード
  2. 2. ZIPファイルをダブルクリックで解凍 → saas-architecture-advisor フォルダができる
  3. 3. そのフォルダを C:\Users\あなたの名前\.claude\skills\(Win)または ~/.claude/skills/(Mac)へ移動
  4. 4. Claude Code を再起動
⬇ .zip でダウンロード(推奨) ⬇ .skill 形式(上級者用) 元のソース ↗

⚠️ ダウンロード・利用は自己責任でお願いします。当サイトは内容・動作・安全性について責任を負いません。

🎯 このSkillでできること

下記の説明文を読むと、このSkillがあなたに何をしてくれるかが分かります。Claudeにこの分野の依頼をすると、自動で発動します。

📦 インストール方法 (3ステップ)

  1. 1. 上の「ダウンロード」ボタンを押して .skill ファイルを取得
  2. 2. ファイル名の拡張子を .skill から .zip に変えて展開(macは自動展開可)
  3. 3. 展開してできたフォルダを、ホームフォルダの .claude/skills/ に置く
    • · macOS / Linux: ~/.claude/skills/
    • · Windows: %USERPROFILE%\.claude\skills\

Claude Code を再起動すれば完了。「このSkillを使って…」と話しかけなくても、関連する依頼で自動的に呼び出されます。

詳しい使い方ガイドを見る →
最終更新
2026-05-18
取得日時
2026-05-18
同梱ファイル
1
📖 Claude が読む原文 SKILL.md(中身を展開)

この本文は AI(Claude)が読むための原文(英語または中国語)です。日本語訳は順次追加中。

SaaS Architecture Advisor

Overview

This skill helps teams design and implement multi-tenant SaaS architectures by evaluating isolation strategies, generating tenant routing patterns, and recommending the right tradeoffs based on scale, compliance requirements, and budget constraints.

Instructions

Step 1: Gather Context

Before recommending anything, establish:

  • Scale: Expected tenant count (year 1 and year 3)
  • Tenant size: Users per tenant (range and distribution)
  • Compliance: SOC2, HIPAA, GDPR, or contractual isolation requirements
  • Stack: Database, language, framework, hosting
  • Budget: Monthly infrastructure budget
  • Data sensitivity: What kind of data tenants store
  • Customization needs: Do tenants need custom fields, workflows, or branding?

Step 2: Evaluate Tenancy Models

Present trade-offs for these models:

Shared Everything (single DB, shared tables, tenant_id column):

  • Best for: <1,000 tenants, uniform data model, no strict isolation requirements
  • Cost: Lowest ($1 DB serves all tenants)
  • Risk: Query bugs can leak data; noisy neighbor issues
  • Mitigation: Row-level security (PostgreSQL RLS), application-layer checks

Schema per Tenant (single DB, separate schemas):

  • Best for: 50-500 tenants, moderate isolation needs
  • Cost: Low (single DB instance, logical separation)
  • Risk: Migration complexity scales with tenant count; catalog bloat
  • Mitigation: Automated migration tooling, connection pooling with schema switching

Database per Tenant (dedicated DB per tenant):

  • Best for: <100 tenants, strict compliance, large enterprise clients
  • Cost: Highest ($274+/mo per tenant on RDS)
  • Risk: Operational overhead managing N databases
  • Mitigation: Infrastructure-as-code templates, centralized monitoring

Hybrid (shared for standard, dedicated for enterprise):

  • Best for: Mixed tenant base with some requiring isolation
  • Cost: Moderate (shared DB + N dedicated for premium)
  • Trade-off: Two code paths, but repository pattern abstracts them

Step 3: Design Tenant Routing

Recommend routing strategy based on the application type:

  • Subdomain routing: tenant.app.com — best for B2B SaaS
  • Path routing: app.com/tenant/ — simpler SSL, good for internal tools
  • Header routing: X-Tenant-ID — API-first products
  • JWT claim: tenant_id in token — serverless/stateless architectures

Step 4: Address Cross-Cutting Concerns

For each recommendation, cover:

  • Rate limiting: Per-tenant to prevent noisy neighbors
  • Billing metering: How to track usage per tenant
  • Background jobs: Tenant context propagation to workers/queues
  • Caching: Tenant-namespaced cache keys
  • Search: Filtered indices or per-tenant indices
  • Audit logging: Tenant-scoped audit trails

Step 5: Generate Implementation Artifacts

Produce:

  • Database schema with tenant isolation mechanisms
  • Middleware/interceptor code for tenant context
  • Repository pattern that abstracts tenancy
  • Tenant provisioning/deprovisioning scripts
  • Migration strategy for existing single-tenant apps

Examples

Example 1: Early-Stage SaaS

User prompt:

We have 30 tenants and expect 200 in a year. PostgreSQL, no compliance needs yet. What tenancy model?

Agent output:

Recommendation: Shared database with RLS

At 200 tenants with no compliance requirements, a single PostgreSQL database
with row-level security gives you the best simplicity-to-isolation ratio.

Implementation:
1. Add tenant_id UUID column to all tenant-scoped tables
2. Enable RLS: ALTER TABLE <table> ENABLE ROW LEVEL SECURITY;
3. Create policies: USING (tenant_id = current_setting('app.tenant_id')::UUID)
4. Set tenant context per request in middleware via SET LOCAL

Cost: Single db.t3.medium handles this easily at ~$50/month.
Migration path: If you later need dedicated DBs for enterprise clients,
the repository pattern lets you route specific tenants without changing app code.

Example 2: Healthcare SaaS Requiring HIPAA

User prompt:

Building a patient records SaaS. 50 clinic tenants, HIPAA required. Budget: $5k/month infra.

Agent output:

Recommendation: Database per tenant

HIPAA requires demonstrable data isolation. At 50 tenants, per-tenant databases
are operationally feasible and satisfy compliance auditors.

Architecture:
- Tenant registry DB (shared): Stores tenant metadata + routing config
- Per-tenant RDS instances: db.t3.medium ($50/mo each) = $2,500/mo for 50
- Connection routing: Middleware resolves tenant → connection string from registry
- Encryption: RDS encryption at rest + tenant-specific KMS keys

Budget fit: $2,500 for DBs + $1,000 compute + $500 other = $4,000/mo ✅

Key HIPAA controls addressed:
- Physical data isolation (separate DB instances)
- Per-tenant encryption keys (KMS)
- Tenant-scoped audit logs
- Independent backup/restore per tenant

Guidelines

  • No one-size-fits-all — always evaluate against the specific context before recommending
  • Start simple, migrate up — recommend the simplest model that meets requirements; overengineering multi-tenancy is expensive
  • RLS is not optional for shared databases — application-layer filtering alone is insufficient; one missed WHERE clause = data breach
  • Test tenant isolation — always recommend integration tests that verify queries cannot access other tenants' data
  • Plan for the migration path — even if starting with shared DB, design the data access layer so switching to dedicated DBs later is feasible
  • Background jobs are the blind spot — tenant context often gets lost in async flows; always address this explicitly