Cache rule schema

Rules in Airbrx are JSON objects stored on a tenant's configuration. The App's rules workshop is the usual edit surface; this page is the underlying shape — for scripting bulk changes, importing rules from another tenant, or generating rules from an external system. For the conceptual model, start with Rules as the differentiator.

Top-level shape

{
  "id": "cache_customer_data",
  "name": "Cache customer queries for 1 hour",
  "description": "Per-user cache on the CUSTOMER table",
  "enabled": true,
  "priority": 10,
  "mode": "all",
  "conditions": { /* what queries match */ },
  "actions":    { /* what happens on match */ },
  "respectSqlHints": true,
  "invalidateRules": [],
  "requireInvalidation": false
}

Required fields

Field	Type	Description
`id`	string	Unique identifier within the tenant.
`name`	string	Human-readable display name.
`enabled`	boolean	Whether the rule is active.
`priority`	integer (1–100)	Evaluation order. Lower number = higher priority. Priority 1 is "most important," 100 is "fallback."
`mode`	string	`"all"` for AND logic across conditions, `"either"` for OR logic.

Optional fields

Field	Type	Description
`description`	string	Free-form explanation of the rule's intent.
`conditions`	object	Matching criteria. Empty / omitted = match all queries.
`actions`	object	What happens when the rule matches.
`respectSqlHints`	boolean	Honor inline SQL comment hints (default `true`).
`invalidateRules`	string[]	Rule IDs to invalidate when this DML rule fires.
`requireInvalidation`	boolean	If `true`, the DML statement fails when invalidation can't be recorded (default `false`).

Conditions

Conditions match query metadata. Within a single condition type, operators combine with AND. The rule's mode controls how condition types combine.

Tables

Operator	Description	Example
`includes`	Table appears in the query	`"includes": "ORDERS"`
`notIncludes`	Table does not appear	`"notIncludes": "TEMP_DATA"`
`includesAny`	Any of these tables appear	`"includesAny": ["ORDERS","SALES"]`
`includesAll`	All of these tables appear	`"includesAll": ["ORDERS","CUSTOMERS"]`

Schema / catalog

Operator	Description	Example
`equals`	Exact match	`"equals": "finance"`
`matches`	Regex pattern	`"matches": "^prod_.*"`
`in`	One of these values	`"in": ["finance","accounting"]`

Statement type

Common values: SELECT, INSERT, UPDATE, DELETE, SHOW, DESCRIBE, WITH.

Operator	Description	Example
`equals`	Exact statement type	`"equals": "SELECT"`
`in`	One of these types	`"in": ["SELECT","SHOW"]`
`notIn`	Not one of these types	`"notIn": ["INSERT","UPDATE","DELETE"]`

SQL pattern

Operator	Description	Example
`matches`	Regex on the statement text	`"matches": "\\bJOIN\\b"`
`contains`	Substring search	`"contains": "WHERE customer_id"`
`startsWith`	Begins with	`"startsWith": "SELECT COUNT"`

Columns

Operator	Description	Example
`includes`	Column appears	`"includes": "email"`
`includesAny`	Any of these columns	`"includesAny": ["ssn","credit_card"]`
`includesAll`	All of these columns	`"includesAll": ["first_name","last_name"]`

User

Operator	Description	Example
`equals`	Specific user	`"equals": "admin@company.com"`
`matches`	Email pattern	`"matches": ".*@contractors\\.com"`
`in`	List of users	`"in": ["user1","user2"]`

Parameterized queries

Match queries with parameter placeholders — :name, ?, $1:

{
  "conditions": {
    "hasParameters": true,
    "parameters": {
      "customer_id": { "equals": "VIP123" },
      "region":      { "in": ["US","CA","MX"] },
      "ssn":         { "exists": true }
    }
  }
}

Condition	Description
`hasParameters`	Boolean — query has parameter placeholders
`parameters.<name>.equals`	Exact parameter value
`parameters.<name>.in`	Value in list
`parameters.<name>.matches`	Regex on value
`parameters.<name>.exists`	Parameter is bound
`parameters.<name>.greaterThan`	Numeric comparison
`parameters.<name>.lessThan`	Numeric comparison

Parameter values are automatically included in cache keys when present — you don't need to specify them in cacheKeyElements.

Modes

"mode": "all" (default) — every condition must match. "mode": "either" — any condition matching is enough.

Actions

Cache TTL

{
  "actions": {
    "cache": { "ttlSeconds": 3600 }
  }
}

TTL	Meaning
`0`	Don't cache — bypass
`60`	1 minute
`3600`	1 hour
`86400`	24 hours
`604800`	1 week

Stale-while-revalidate

Opt a cache rule into stale-while-revalidate by adding a staleWhileRevalidate block on the cache action. When a cached entry is past its TTL but within the SWR window, the Gateway returns the cached value immediately and fires a background refresh against the warehouse. See the cookbook recipe for when to reach for it.

{
  "actions": {
    "cache": {
      "ttlSeconds": 3600,
      "staleWhileRevalidate": {
        "enabled": true,
        "windowSeconds": 86400
      }
    }
  }
}

Field	Type	Description
`enabled`	boolean	Whether SWR applies to this rule. Default `false`; omitting the block has the same effect.
`windowSeconds`	integer or `null`	How far past TTL the Gateway will serve a stale result before falling through to a synchronous miss. `null` means "serve stale until a refresh succeeds" — unbounded; rare.

Validation. enabled: true with no windowSeconds is a load-time error — tenants must explicitly choose a stale ceiling (including null for forever). Negative or non-finite values are also rejected.

Invalidation precedence. An invalidation marker against a cache rule always suppresses its stale-cached response, even inside the SWR window. SWR bounds latency; invalidation bounds correctness, and correctness wins.

Cache key elements

What makes a cached entry unique. The Gateway hashes these inputs to compute the cache key.

{
  "actions": {
    "cacheKeyElements": ["userId", "warehouse", "standardizedSql"]
  }
}

Element	Description	Use when
`standardizedSql`	Normalized SQL text	Always (recommended baseline)
`statement`	Original SQL text	Exact-match scenarios
`userId`	User identifier	Per-user isolation (RLS)
`userRole`	User's role	Role-based sharing
`userGroups`	User's groups	Group-based sharing
`warehouse`	Target warehouse	Warehouse-specific results
`warehouseSize`	Warehouse size/tier	Size-specific caching
`catalog`	Catalog name	Catalog isolation
`schema`	Schema name	Schema isolation
`tables`	Table names	Table-aware caching
`columns`	Column names	Column-aware caching
`tenantId`	Tenant identifier	Multi-tenant deployments (auto-included for cross-tenant scenarios)

These are included automatically and don't need to be listed: proxyVersion (cache invalidates on Gateway upgrades), sessionState (session vars and catalog/schema context), describeOnly (separates schema queries from data queries), parameterValues (parameter values for parameterized queries).

Invalidation rules (DML)

A rule that matches DML statements (INSERT/UPDATE/DELETE) can name cache rules to invalidate when it fires:

{
  "id": "orders-dml",
  "name": "Orders Table Changes",
  "priority": 5,
  "conditions": {
    "statementType": { "in": ["INSERT","UPDATE","DELETE"] },
    "tables": { "includes": "ORDERS" }
  },
  "actions": {},
  "invalidateRules": ["cache-orders-aggregates","cache-orders-recent"]
}

Pair with "requireInvalidation": true on a cache rule to refuse cache hits if recent invalidation activity can't be confirmed — right default for compliance-critical caches.

Worked example

{
  "id": "cache_customer_data",
  "name": "Cache customer queries per user for 1 hour",
  "description": "Aggregate reads on CUSTOMER, isolated per user (RLS).",
  "enabled": true,
  "priority": 10,
  "mode": "all",
  "conditions": {
    "tables":         { "includes": "CUSTOMER" },
    "statementType":  { "equals": "SELECT" }
  },
  "actions": {
    "cache": { "ttlSeconds": 3600 },
    "cacheKeyElements": ["userId", "warehouse", "standardizedSql"]
  }
}