PickYourTechPickYourTech home
Supabase Storage Engine logo

Supabase Storage Engine

Scalable, lightweight object storage with PostgreSQL metadata and multi-protocol support

Object Storage & Filesystems

A fast, lightweight object storage engine that stores metadata in PostgreSQL, offers HTTP, TUS, S3, and Iceberg APIs, and enforces access via Postgres row-level security.

Supabase Storage Engine banner

Overview

Overview

Supabase Storage Engine delivers a compact, high‑performance object storage service. It keeps all metadata in PostgreSQL, allowing you to leverage native row‑level security policies for fine‑grained access control. The engine exposes a unified API surface that includes HTTP/REST, TUS resumable uploads, an S3‑compatible interface, and an Iceberg REST catalog, making it suitable for a wide range of application needs.

Capabilities & Deployment

Developers can run the service locally with Docker‑based PostgreSQL and PostgREST using the provided npm scripts. Once started, the server listens on port 5000 and can be integrated with any S3‑compatible backend for actual object storage. The OpenAPI spec, storage guides, and client libraries simplify integration into existing workflows. Because the core is written in TypeScript and relies on PostgreSQL, it fits naturally into cloud‑native stacks that already use these technologies.

Who Benefits

Teams building SaaS platforms, data‑lake catalogues, or any application that requires resumable uploads and strict per‑user permissions will find the engine a lightweight alternative to heavyweight object stores.

Highlights

Multi‑protocol API (HTTP/REST, TUS, S3, Iceberg) in a single service
Metadata stored in PostgreSQL with native row‑level security
Seamless integration with existing S3‑compatible storage backends
Minimal footprint and high performance for cloud‑native workloads

Pros

  • Lightweight and fast
  • Leverages PostgreSQL for reliable metadata handling
  • Flexible protocol support reduces integration complexity
  • Strong security model via row‑level policies

Considerations

  • Requires a PostgreSQL instance
  • Object data still depends on external S3‑compatible storage
  • Advanced bucket policies beyond RLS are not built‑in
  • Not designed as a distributed, multi‑region storage system

Managed products teams compare with

When teams consider Supabase Storage Engine, these hosted platforms usually appear on the same shortlist.

Amazon S3 logo

Amazon S3

Scalable object storage service for unlimited data storage and retrieval with high durability and availability

Azure Blob Storage logo

Azure Blob Storage

Massively scalable cloud object storage service for unstructured data (images, videos, backups) with high durability

Google Cloud Storage logo

Google Cloud Storage

Scalable object storage for unstructured data

Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.

Fit guide

Great for

  • SaaS applications needing integrated storage with fine‑grained access control
  • Developers who prefer a single codebase for HTTP, TUS, S3, and Iceberg APIs
  • Projects that already use PostgreSQL and want to store metadata there
  • Workloads requiring resumable uploads and simple bucket management

Not ideal when

  • Massive scale object storage without an external S3 backend
  • Environments that cannot provision PostgreSQL
  • Use cases demanding built‑in CDN, replication, or multi‑region distribution
  • Scenarios requiring complex bucket policies beyond row‑level security

How teams use it

User avatar management

Store and retrieve user avatars with resumable uploads, enforcing per‑user access via PostgreSQL RLS.

Data lake catalog

Register data files through the Iceberg REST catalog while keeping metadata centrally in PostgreSQL.

Temporary CI pipeline storage

Fast HTTP uploads for build artifacts, automatically cleaned up, backed by an S3‑compatible store.

Multi‑tenant SaaS file storage

Isolate tenant data in separate buckets and use row‑level security to enforce strict isolation.

Tech snapshot

TypeScript96%
PLpgSQL4%
JavaScript1%
Dockerfile1%

Tags

object-storagepostgress3gotrue

Frequently asked questions

Where is the actual object data stored?

The engine stores object data in any S3‑compatible storage you configure; only metadata resides in PostgreSQL.

Can I use the service without an existing S3 bucket?

Yes, you can run a local S3‑compatible backend (e.g., MinIO) for development or testing.

How is access control enforced?

Access rules are defined as PostgreSQL row‑level security policies, applied automatically to metadata queries.

Is the service compatible with existing S3 SDKs?

The S3‑compatible API follows the standard S3 contract, so most S3 SDKs work without modification.

What is required to run the engine locally?

Copy the provided .env files, then use `npm run infra:restart` to start PostgreSQL and PostgREST, followed by `npm run dev` to launch the storage server.

Project at a glance

Active
Visit siteView repo
Stars
1,189
Watchers
1,189
Forks
269
LicenseApache-2.0
Repo age4 years old
Last commitlast week
Primary languageTypeScript

Last synced 11 hours ago