Option C is the correct answer. Implementing row-level security by creating a custom function that filters the data based on the tenant_id and the user's role allows you to enforce data access control for multi-tenant applications. This approach ensures that each tenant can only access their own data based on the user's role. Option A is incorrect because creating a separate database for each tenant is not scalable and does not provide row-level security. Option B is incorrect because stored procedures alone do not provide a consistent security model. Option D is incorrect because Azure Cosmos DB does not have built-in support for role-based access control (RBAC).