Query Enforcement - Guardrail Layer

Query Enforcement

How Guardrail Layer validates, constrains, and controls every query before it reaches your database.

Execution as a Controlled Operation

In Guardrail Layer, database execution is never assumed to be safe. Every query is treated as untrusted input — regardless of its source.

Queries are evaluated for safety before correctness.

Validation Pipeline

Each query passes through a deterministic enforcement pipeline:

  • Syntax validation
  • Metadata awareness
  • Role and context evaluation
  • Policy enforcement
  • Execution gating

Allowed Query Types

Guardrail Layer enforces strict rules around which query types are permitted.

  • SELECT: Allowed by default, subject to policy
  • INSERT: Restricted, optional
  • UPDATE: Restricted, optional
  • DELETE: Disabled by default

Even allowed query types are constrained by role and context.

Column & Projection Enforcement

Queries are analyzed to determine exactly which columns are being accessed.

Enforcement includes:

  • Denying restricted columns
  • Removing unauthorized projections
  • Replacing sensitive fields with redacted equivalents

SELECT id, email FROM users;
→ TRANSFORM
SELECT id FROM users;

Join Constraints

Joins significantly increase inference risk and are strictly controlled.

Guardrail Layer can:

  • Allow joins only along approved relationships
  • Deny joins across sensitivity boundaries
  • Rewrite joins to safe subsets

Aggregation Controls

Aggregations are a common source of unintended data leakage.

Guardrail Layer enforces:

  • Minimum group sizes
  • Aggregate-only roles
  • Limits on repeated aggregate queries

SELECT COUNT(*) FROM users WHERE country = 'US';
→ ALLOW

SELECT COUNT(*) FROM users WHERE email = 'user@example.com';
→ DENY: Aggregation on unique identifier

Execution Limits

Guardrail Layer enforces execution safety limits regardless of query intent.

  • Row count caps
  • Mandatory LIMIT clauses
  • Timeout thresholds
  • Execution cost ceilings

Query Outcomes

Every query results in a clear, explicit outcome:

  • Allow: Executed unchanged
  • Transform: Safely rewritten
  • Deny: Blocked with explanation

SELECT * FROM users;
→ DENY: Unbounded projection and missing LIMIT

Deterministic Behavior

Guardrail Layer does not rely on probabilistic or heuristic enforcement.

The same query in the same context will always produce the same result.
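
A minimal sketch of the ALLOW / TRANSFORM / DENY decision for the sample queries on this page, added here as an example and not Guardrail Layer's own code. The `SCHEMA` policy, the `evaluate` function and the regex-based single-table grammar are assumptions; a production enforcer would work from a real SQL parser. Denying any predicate that mentions a restricted column is likewise an assumption of this sketch.

```python
import re

# Assumed schema and role policy for this sketch (not the product's config format).
SCHEMA = {"users": {"columns": {"id", "email", "country"},
                    "restricted": {"email"},      # may not be projected or filtered on
                    "unique": {"id", "email"}}}   # predicates that isolate a single row
ALLOWED_VERBS = {"SELECT"}                        # INSERT/UPDATE/DELETE not enabled

# Deliberately narrow grammar: one table, no joins, optional WHERE and LIMIT.
SELECT_RE = re.compile(
    r"^SELECT\s+(?P<proj>.+?)\s+FROM\s+(?P<table>\w+)"
    r"(?:\s+WHERE\s+(?P<where>.+?))?(?:\s+LIMIT\s+(?P<limit>\d+))?\s*;?$",
    re.IGNORECASE | re.DOTALL)

def evaluate(sql):
    """Return (outcome, detail); detail is the SQL to execute or the deny reason."""
    sql = sql.strip()
    verb = sql.split(None, 1)[0].upper() if sql else "(empty)"
    if verb not in ALLOWED_VERBS:
        return "DENY", f"Query type {verb} is not permitted"
    m = SELECT_RE.match(sql)
    meta = SCHEMA.get(m["table"].lower()) if m else None
    # Fail closed: unparsed text, unknown tables and stacked statements never run.
    if meta is None or ";" in sql.rstrip("; \n"):
        return "DENY", "Outside supported grammar or unknown table"
    cols = [c.strip().lower() for c in m["proj"].split(",")]
    # Every word in the predicate counts as a possible column (over-approximates).
    where_cols = {w.lower() for w in re.findall(r"\w+", m["where"] or "")}
    if cols == ["count(*)"]:
        if where_cols & meta["unique"]:
            return "DENY", "Aggregation on unique identifier"
        return "ALLOW", sql
    if "*" in cols:
        return "DENY", "Unbounded projection" + ("" if m["limit"] else " and missing LIMIT")
    if set(cols) - meta["columns"] or where_cols & meta["restricted"]:
        return "DENY", "Unknown column or restricted column in predicate"
    kept = [c for c in cols if c not in meta["restricted"]]
    if not kept:
        return "DENY", "Every projected column is restricted"
    if kept == cols:
        return "ALLOW", sql
    # Rebuild the statement from parsed parts only, never by editing the raw string.
    tail = (f" WHERE {m['where']}" if m["where"] else "") + \
           (f" LIMIT {m['limit']}" if m["limit"] else "")
    return "TRANSFORM", f"SELECT {', '.join(kept)} FROM {m['table']}{tail};"
```

Because `evaluate` is a pure function of the query text and the static policy, identical input always yields an identical outcome.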

Why This Matters

Enforcement is not about preventing errors — it's about preventing irreversible mistakes.

Guardrail Layer treats the database as a protected system, not a playground for prompt experimentation.

All queries are evaluated before execution — without exception.