What is Materialize?
AuthZed Materialize is available to users of AuthZed Dedicated as part of an early access program. Don’t hesitate to get in touch with your AuthZed account team if you would like to participate.
AuthZed Materialize takes inspiration from the Leopard index component described in the Zanzibar paper . Much like the concept of a materialized view in relational databases, AuthZed Materialize is a service that you configure with a list of permissions that you want it to precompute, and it will calculate how those permissions change after relationships are written (specifically, when those relationships affect a subject’s membership in a permission set or a set’s permission on a specific resource), or when a new schema is written. These precomputed permissions can then be used either to provide faster checks and lookups through Accelerated Queries, or streamed into your own application database and colocated alongside the data they protect — a pattern known as colocated permissions — so you can search, sort, filter, and paginate over authorized objects natively and much more efficiently.
In summary, AuthZed Materialize allows you to:
- Speed up
CheckPermissionandCheckBulkPermissions. - Speed up
LookupResourcesandLookupSubjects, especially when there is a large number of resources. - Build authorization-aware UIs — sort, filter, and paginate over many thousands of authorized objects natively in your own database by colocating computed permissions next to your application data.
- Perform ACL filtering in secondary indexes too, like a search index (e.g. Elasticsearch) — authorization-aware UIs and search-index filtering are the same idea (ACL filtering) applied to different stores.