Policy-aware retrieval for global data
AI engineer at Indeed on TurboPuffer vs. Vespa vs. Elasticsearch at scale
This is where retrieval stops being a search problem and becomes a systems design problem. In a global product, permission checks are not just simple tenant filters, they can depend on who the user is, what country their data came from, which fields contain PII, and whether that data is even allowed to cross a region boundary. That is why teams often keep the final policy engine in the application layer, even when the vector store supports namespaces and metadata filters.
-
Elasticsearch is strongest when policy needs to live inside the data layer, because it supports document level and field level security on a per index basis. That makes it easier to hide specific records or fields before they ever reach the application, but it is a heavier system to operate than a serverless vector store.
-
Vespa sits in the middle. It gives teams much more control over ranking, filtering, and query profiles, so it fits products where permissions, personalization, and ranking logic are tightly intertwined. At Indeed, that is why Vespa is used for more customized recommendation and ranking workloads, while TurboPuffer is used for more generic agent retrieval.
-
TurboPuffer can filter by metadata and isolate data with namespaces, and it also offers regional deployment and compliance tooling, but the evidence here suggests its sweet spot is simpler candidate retrieval. Once policy depends on multi step business rules, teams still end up enforcing a lot of it in orchestration code and observability systems around the store.
The direction of travel is toward more policy aware retrieval infrastructure. As AI systems touch more customer data across more regions, the winning backends will be the ones that can combine low cost retrieval with native controls for region, identity, and field visibility, so fewer critical privacy checks have to be rebuilt in application code.