Office Hours: ACL-aware filtering in your own database with SpiceDB and AuthZed Materialize

Product Update: January

/assets/team/jimmy-zelinskie.jpg
February 8, 2023|3 min read

A fresh new year of updates

We decided to kick off the year fresh with a ton of new updates on almost all of our open source projects. Open source isn't the only place where we've been building, though! Our managed services also saw some pretty big updates. I'm super proud of the community and our team at Authzed for what they've managed to deliver.

Major highlights include:

  • Google Cloud is now generally available for SpiceDB Dedicated
  • Releases on almost all of our open source projects
  • Caveats are available in zed and the Playground
  • SpiceDB Operator now supports automated update channels

ICYMI: in addition to posting weekly blog posts, we're now officially posting monthly wrap-ups of events and new functionality we've added to Authzed. We're also giving everyone a little taste of our Slack's random channel and all of its off-topic goodness.

Updates

Open Source

  • SpiceDB v1.16.0 and v1.16.1 were released
    • Developer API now supports caveats
    • Dispatch concurrency limits are now configurable on each request type
    • v1.CheckPermission is now optimized for cases where many subjects have the same relation
  • SpiceDB Operator v1.1.0 was released
    • Introduced update channels for fully automating SpiceDB upgrades
    • Added support for custom annotations
    • Added support for custom service accounts
  • Controller Idioms v0.6.0 and v0.7.0 were released
    • Added a hash.Set for hashable objects
    • Bumped Kubernetes to v1.26
    • Simplified unpausing to removing a label
  • Zed v0.8.0 was released
    • Contexts can now store custom CAs
    • Full support for caveats, including in debug traces

Authzed Products

  • Playground
    • Caveats are now available in the Playground
    • Traces were also expanded to include caveats
    • Zed is now integrated into the Playground
    • New drop-down example loader
  • Dedicated
    • Now available on Google Cloud!
    • New clusters can now specify a size (small, medium, large)
    • OIDC, Okta, GSuite SSO support
  • Serverless
    • Rate limits now grpc error code RESOURCE_EXHAUSTED instead of UNAVAILABLE

Community

Entropy from #random

  • CircleCI users rotate your secrets!
  • Years and years of Postgres use and we still find [features we never knew about]
  • Apple fans rejoice! The Butterfly Keyboard class action settlement is coming
  • We aren't writing much Python these days, but we wish we had Ruff when we did
  • Victor got a new toy and we're all jealous
  • We choked back our tears reading the YAML document from Hell
  • Go 1.20 shipped with PGO
  • A Discord member used ChatGPT to write a SpiceDB schema
  • Our M1 Max are all garbage now that M2 is out
  • macOS user with an external monitor? Lunar is a game-changer
  • The Beechers in NYC closed! We'll just have to visit Seattle now.
  • << EOF We finally learned the name to a very common shell feature EOF

Get started for free

Join 1000s of companies doing authorization the right way.