The fundamentals of the Managed PostgreSQL offering
The Managed PostgreSQL service is a fully managed open-source PostgreSQL relational database deployed on Cloud Temple's sovereign SecNumCloud infrastructure. Based on the latest stable version of PostgreSQL Community and the CloudNativePG Kubernetes operator, this service guarantees automatic failover, configurable replication (synchronous or asynchronous) and transaction-accurate point-in-time recovery (PITR).
Each cluster is deployed in a dedicated customer environment. In production, the CloudNativePG operator orchestrates the entire lifecycle of the PostgreSQL cluster, including automatic leader election and standby promotion, guaranteeing continuity of service without human intervention in the event of failure.
Our compliance procedures
Our Managed PostgreSQL offering is HDS and ISO 27001 certified, and available on SecNumCloud-qualified and C5-compliant services.
The benefits of Cloud Temple's Managed PostgreSQL offering
A database that stays up
Automatic high availability
Guarantee continuity of service with a failover orchestrated by CloudNativePG in less than 30 seconds, totally transparent for your applications.
Zero losses, even in production
RPO = 0 with synchronous replication
Secure every transaction with native synchronous replication, ensuring that no validated data can be lost in a multi-AZ environment.
Go back to just before the incident
PITR to the second
Restore your data with precision thanks to the continuous archiving of WALs on Object Storage, essential for meeting compliance requirements.
PostgreSQL power and flexibility
Use an engine capable of managing both relational and advanced uses (JSONB, geospatial, vector-based), enhanced by a vast ecosystem of extensions.
Key features of the PostgreSQL offering
CloudNativePG (automatic HA)
Orchestration of the entire PostgreSQL lifecycle on Kubernetes. Automatic leader election, standby promotion, replica reconfiguration - failover without human intervention in < 30 seconds.
PgBouncer (connection pool)
High-availability lightweight connection proxy (active/active x2). Transaction pooling: application connections are multiplexed, reducing the load on PostgreSQL (essential because PG is process-per-connection).
Point-in-Time Recovery (PITR)
Restore to any point in time via the CloudNativePG operator: continuous WAL archiving on S3 Object Storage + scheduled full backups. Transaction-level accuracy.
Automatic backups
Full, differential and incremental backups managed by CloudNativePG. Hot backup without interruption. Encrypted storage on Object Storage Cloud Temple.
JSONB (Native Document Store)
Storage and indexing of binary JSON data with GIN operators. JSON attribute queries, partial indexing, JSON aggregation functions - without a separate NoSQL database.
Row-Level Security (RLS)
Data access control at row level via SQL policies (CREATE POLICY). Data isolation by tenant without application modification - ideal for multi-tenant SaaS.
Extensions (PostGIS, pg_vector...)
Catalogue of pre-installed extensions that can be activated on demand: PostGIS (geospatial), pg_vector (AI embeddings), TimescaleDB (time series), pg_partman (partitioning), pgcrypto, pg_trgm, pg_stat_statements, uuid-ossp.
Native partitioning
PostgreSQL declarative partitioning by range, list or hash. pg_partman for automatic partition management (rotation, purging). Essential for large tables.
TLS 1.3 encryption
Encryption of all client-PostgreSQL connections (via PgBouncer) and inter-node replication (WAL streaming). X.509 certificates managed by Cloud Temple.
Encryption at rest
AES-256 encryption of PostgreSQL data volumes and CloudNativePG-managed backups stored on Object Storage.
Streaming Replication
Physical replication (WAL streaming) of data from the Primary to the Standbys. Synchronous mode (synchronous_standby_names=1) in production for RPO = 0.
Isolation by dedicated instance
Each customer has its own PostgreSQL cluster on a dedicated infrastructure, with an isolated private network. No sharing of data between customers.
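The Row-Level Security and PgBouncer transaction-pooling features listed above interact: with transaction pooling a server connection is shared between clients, so tenant context has to be scoped to the transaction rather than the session. The following is an added example of one way to write such a policy, not Cloud Temple's code; the table, role and setting names (invoices, app_user, app.tenant_id) and the UUID are hypothetical.

```sql
-- Added example: invoices, app_user and app.tenant_id are hypothetical names.
CREATE TABLE invoices (
    id           bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    tenant_id    uuid   NOT NULL,
    amount_cents bigint NOT NULL
);

-- Policies only take effect once RLS is enabled; FORCE also subjects the
-- table owner to them.
ALTER TABLE invoices ENABLE ROW LEVEL SECURITY;
ALTER TABLE invoices FORCE ROW LEVEL SECURITY;

-- current_setting(..., true) returns NULL when the setting was never set, and
-- an empty string on a pooled backend where it was set and then reset.
-- NULLIF maps both to NULL, so a transaction without tenant context matches
-- no rows instead of raising a cast error or seeing another tenant's data.
CREATE POLICY tenant_isolation ON invoices
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- The application role must be neither superuser nor BYPASSRLS, otherwise
-- the policy is skipped.
CREATE ROLE app_user LOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON invoices TO app_user;

-- Per request, connected as app_user through the pooler. The third argument
-- of set_config (true) makes the setting local to this transaction, so it is
-- discarded at COMMIT and cannot leak to the next client that is handed the
-- same server connection. A session-level SET would not be safe here.
BEGIN;
SELECT set_config('app.tenant_id', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO invoices (tenant_id, amount_cents)
VALUES ('11111111-1111-1111-1111-111111111111', 4200);  -- accepted by WITH CHECK
SELECT id, amount_cents FROM invoices;                  -- filtered by USING
COMMIT;

-- Fail-closed check: a transaction that never sets app.tenant_id is filtered
-- against NULL by the policy.
BEGIN;
SELECT count(*) FROM invoices;
ROLLBACK;
```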
Technical specifications
Do you have a cloud-native application project, an AI project or a critical database? Let's talk.
Whether you need to store AI embeddings with the pg_vector extension, manage geospatial data with PostGIS, isolate your SaaS customers' data using Row-Level Security (RLS), or guarantee an RPO=0 thanks to the CloudNativePG operator in multi-AZ, our data experts are there to help you. We'll help you size your cluster, choose your extensions and configure your network isolation on our SecNumCloud cloud.
Share your project details with us using this form: we'll get back to you quickly to design the PostgreSQL architecture that meets your performance and sovereignty requirements.
Use cases
No, the network is totally isolated.
To guarantee maximum security, access to your PostgreSQL instances (via the PgBouncer pooler) is only possible from your Cloud Temple private network (IPsec VPN or dedicated interconnection). No public IP address is assigned to your database.
Completely automatically, thanks to CloudNativePG.
In a production environment (multi-AZ), we deploy a Primary node and two Standby nodes (one per datacenter). Orchestration is entrusted to the Kubernetes CloudNativePG operator. In the event of failure of the Primary, the operator automatically elects a Standby and redirects application traffic in less than 30 seconds, without any human intervention. With synchronous replication enabled (synchronous_standby_names=1), no confirmed transaction can be lost (RPO = 0).
Thanks to multiplexing with PgBouncer.
As PostgreSQL uses a process-per-connection model, too many simultaneous connections can saturate its resources. To avoid this, our service natively includes the PgBouncer proxy configured for transaction pooling. It multiplexes your numerous application connections to a reduced number of real connections on PostgreSQL, optimising performance.
Yes, a rich ecosystem of extensions is available.
The service allows you to activate the most popular community extensions on demand to meet your specialist use cases without the need for an additional server. These include PostGIS (geospatial data), pg_vector (vector similarity search for AI/RAG), pg_partman (partitioning) and TimescaleDB (time series, on request). The pg_stat_statements extension (performance statistics) is activated by default.
Native reversibility without locking.
You retain full ownership of your data. If you leave, reversibility is guaranteed by the Data Act: you can extract your data continuously via standard SQL dumps (pg_dump), or retrieve a free physical export (CloudNativePG backup) within 15 days. Once you have cancelled, we will securely erase your data, WALs and backups within 7 days.