Office Hours: ACL-aware filtering in your own database with SpiceDB and AuthZed Materialize

Product Update: February

/assets/team/jimmy-zelinskie.jpg
March 11, 2022|5 min read

Being transparent about our views on transparency

At Authzed, January was not only the beginning of the new year, but also a new set of initiatives. Transparency can mean different things to different people, but here it's built into our DNA. From developing our products open source, publishing our post-mortem reviews of technical and operational processes, providing users direct access to our service's metrics, to blogging our weekly thoughts, we always take an eye towards ensuring that our software, services, and business motivations are not a black box.

We began preparing to ship our usage-based billing for Authzed.com in January, and we're proud to announce that it shipped this February. Because this functionality is directly related to how customers are charged, we made it a hard requirement to ship that users have all the information possible to understand how their bills are calculated. All SpiceDB API responses return metadata to help users understand the performance of their requests; we've chosen this as the building block to charge our Authzed.com users. In the dashboard, billing comes with a brand new set graphs that help users understand in real time their API usage via their computation costs, which are the same metrics used to calculate their bill. These graphs are not only for Authzed.com users, but are also made available in Authzed Enterprise so that on-prem businesses can better understand their projects' authorization usage. By making less complex responses for Authzed.com cheaper, we've aligned our incentives with app developers that want to improve the performance of their applications.

February's focus on transparency involved not only our open source SpiceDB, but also a healthy split between Authzed.com and Authzed Enterprise.

Major highlights include:

  • Developing a new distribution pipeline for Authzed Enterprise
  • Applying performance and operational improvements to harden SpiceDB and Authzed.com
  • Making usage-based billing for Authzed.com generally available
  • Implementing a Cloud Spanner datastore for SpiceDB
  • Announcing the March 14th deprecation of the V0 APIs
    • Creating a new GitHub Action for validating schemas

We're looking forward to a Spring full of pollinating new ideas and helping grow healthy new SpiceDB deployments.

ICYMI: in addition to posting weekly blog posts, we're now officially posting monthly wrap-ups of events and new functionality we've added to Authzed. We're also giving everyone a little taste of our Slack's random channel and all of it's off-topic goodness.

February Updates

Open Source

  • SpiceDB got a wide variety of architectural improvements:
    • A brand new Cloud Spanner datastore
    • Middleware now supports a pluggable authentication function
    • Consistency is now handled in a middleware with reduced datastore roundtrips
    • SpiceDB can now serve gRPC over an in-memory byte buffer
    • Validation error messages now include context from current applied schema
    • Caching was made configurable with a CLI flag
  • Zed v0.4.0 shipped with support to validate playground files, perfect for your CI/CD pipelines
  • The folks at Bitski have authored a community Rust client
  • action-spicedb-validate is now available to GitHub users for validating schemas in their CI/CD workflows

Authzed.com

  • Usage-based billing is now GA without requesting access
  • New graphs for API usage to visualize real-time performance and costs
  • Improved API latency ~25%
  • Demonstrated our transparency processes with a post-mortem

Authzed Enterprise

  • Authzed Enterprise v0.1.0 was released
  • Authzed Enterprise got a new distribution platform: GitHub
  • Authzed Enterprise container images are now signed by sigstore!

Blogs / Talks

Entropy from #random

Collage of PTO landscapes

Get started for free

Join 1000s of companies doing authorization the right way.