Features
SpiceDB is the most scalable and consistent Google Zanzibar-inspired database for storing and computing permissions data—use it to build global-scale fine grained authorization services.
Expressive APIs
Expressive gRPC and HTTP/JSON APIs for powering authorization logic in your client applications.
Distributed Graph
Distributed, parallel graph engine faithful to the architecture described in Google’s Zanzibar paper.
Prevents New Enemies
A flexible consistency model configurable per-request that includes resistance to the New Enemy Problem.
Configuration Language
Intuitive authorization configuration language — SpiceDB Schema — with CI/CD integrations for validation & testing.
Pluggable Storage
Support for in-memory, Spanner, CockroachDB, PostgreSQL, and MySQL relationship storage.
Deep Observability
Deep observability with Prometheus metrics, pprof profiles, structured logging, and OpenTelemetry tracing.
Release Notes
Highlights
🪞Schema Reflection APIs are now GA! Reference information about your schema without computing permissions, making it easier to build features like dynamic admin panels 🩵 Postgres and MySQL interface improvements
Don't miss
🎼 Available in zed v0.27.0, you can now try out composable schemas! Introducing two new concepts, schema import statements and partials, we've made it easier to write concise schemas and for multiple teams to work on separate files. For more info, check out the docs.
Features
- Promote reflection APIs from experimental to V1 schema service by @josephschorr in https://github.com/authzed/spicedb/pull/2249
- Support follower read delay flag with Postgres and MySQL datastores by @ecordell in https://github.com/authzed/spicedb/pull/2245
Enhancements
- Port expiration compiler changes into composableschemadsl by @tstirrat15 in https://github.com/authzed/spicedb/pull/2240
- Import: improve err msg by @kartikaysaxena in https://github.com/authzed/spicedb/pull/2242
- Improve handling of watch errors by @josephschorr in https://github.com/authzed/spicedb/pull/2244
- Change Spanner default metrics to go to OTEL by @josephschorr in https://github.com/authzed/spicedb/pull/2248
- Make pg datastore continuously checkpoint using a revision heartbeat by @vroldanbet in https://github.com/authzed/spicedb/pull/2252
- Follow ups to #2252 by @vroldanbet in https://github.com/authzed/spicedb/pull/2254
Fixes
- Move nodeid default calculation to init to avoid race by @josephschorr in https://github.com/authzed/spicedb/pull/2256
Updated Dependencies
- Bump the go-mod group across 1 directory with 34 updates by @dependabot in https://github.com/authzed/spicedb/pull/2243
- Update go.mod for vulns in Go libs by @josephschorr in https://github.com/authzed/spicedb/pull/2251
Full Changelog: https://github.com/authzed/spicedb/compare/v1.40.1...v1.41.0
Docker Images
This release is available at authzed/spicedb:v1.41.0, quay.io/authzed/spicedb:v1.41.0, ghcr.io/authzed/spicedb:v1.41.0
SpiceDB Tooling
SpiceDB Operator
kubectl create spicedbcluster
Zero-Downtime Datastore Migrations
Automated Update Channels
Learn Key Concepts
Define a Permissions Schema
Integrate Your Applications
Test and Deploy
Define Authorization
as Schema
Design tailored authorization systems by defining relationships, permissions based on those relationships, and bits of policy called Caveats.
Try for Yourself 👇
