Starlet #17 SpiceDB: Google Zanzibar-inspired Authorization System

This is the seventeenth issue of The Starlet List. If you want to prompt your open source project on star-history.com for free, please check out our announcement.

---

What is SpiceDB?

SpiceDB is the most scalable and consistent Google Zanzibar-inspired database for storing and computing permissions data—use it to build global-scale fine-grained authorization services.

What is SpiceDB used for?

SpiceDB is used by companies looking to implement a robust and scalable authorization system inspired by Google Zanzibar.

Google Zanzibar prevents “exposure of sensitive information to an unauthorized actor” while ensuring consistency and scalability of access control. Essentially, it aims to prevent broken access control, the number one security concern according OWASP’s 2021 report.

SpiceDB helps companies looking to break into the enterprise segment and/or adopt a product-led growth motion.

Key features of SpiceDB

• Expressive APIs
• Distributed Graph
• Prevents New Enemies
• Configuration Language
• Pluggable Storage
• Deep Observability

SpiceDB was created and is maintained by the team behind AuthZed, and it also has a network of contributors and community members.

What is Google Zanzibar?

Google Zanzibar is a relationship-based access control system (ReBAC) capable of processing "more than 10 million client queries per second."

Google Zanzibar powers authorization for hundreds of Google Products, including Google Calendar, Cloud, Drive, Maps, Photos, and YouTube.

It unlocks unique experiences like cross-product authorization checks, e.g., Slack’s Gmail extension can check if a recipient can access a Google Doc, unlocking growth through reduced friction points while maintaining user privacy.

Find out more about SpiceDB

• Website: https://authzed.com/spicedb
• Docs: https://authzed.com/docs
• GitHub Repo: https://github.com/authzed/spicedb
• Playground: https://play.authzed.com/
• SpiceDB load testing guide: https://authzed.com/blog/spicedb-load-testing-guide
• Latest release: https://github.com/authzed/spicedb/releases

Relevant videos

• SpiceDB Academy | Language Primer: https://www.youtube.com/watch?v=AoK0LrkGFDY&feature=youtu.be
• FOSDEM 2024 Tech Talk SpiceDB: Mature, Open Source ReBAC: https://www.youtube.com/watch?v=wOtglviAl9U
• What you need to know about Permissions Management: https://authzed.com/blog/permissions-management

Some demo applications

• How to model GitHub permissions: https://authzed.com/demo
• Modeling Google Groups with SpiceDB: https://www.youtube.com/watch?v=dlARPyDVPZQ

Find out more about Google Zanzibar

• What is Google Zanzibar?
• Google Zanzibar’s paper annotated by our team.
• Policy-based Access Control vs Google Zanzibar.
• Primer on modern enterprise authorization systems.