January 2022 Summaries
5 posts from AuthZed
Filter
Month:
Year:
Post Summaries
Back to Blog
The author of the text has upgraded to a Mac with an M1 Max system-on-chip, which provides improved performance and capabilities compared to their previous M1 MacBook Pro. The main benefits include faster builds, smoother user experience, and better support for multiple external monitors. However, some issues like Docker for Mac performance, VPNKit stopping working, and lack of native Discord app support are still being encountered. Despite these challenges, the author finds that the M1 Max is a joy to use daily, with features like mobile usage, satisfying keyboard typing, instant website rendering, and smooth terminal scrolling. The investment in an M1 Max machine seems worthwhile for engineering teams, especially considering the significant productivity gains from faster builds and tighter feedback loops.
Jan 27, 2022
1,199 words in the original blog post.
Google Groups is a mailing list discussion service that Google launched in 2001. It has expanded to facilitate general group management within Google Workspace (formerly G Suite) and offers various permissions features such as per-group permissions, public resources, groups being members of other groups, custom roles, and banned users. These features are modeled using Authzed and can be wiredded up with applications. The service allows for dynamic permission computation using a schema language that supports union, intersection, and exclusion operations. It also includes features such as user-defined roles, public resources, recursive membership, user-defined roles with roles defined in data, and exclusions. Google Groups provides a powerful permissions system that can be used to model various use cases, including group management, custom role granting, and banning users.
Jan 20, 2022
1,735 words in the original blog post.
The author was faced with a security issue in their open source project, SpiceDB, which involved a bug that had real-world consequences. The team created a GitHub Security Advisory to remediate the issue, which included creating a private fork of the repository, developing a fix, testing it, and publishing a CVE identifier. They also deployed the fix to production before publishing the advisory publicly. The process was smooth, despite some minor bumps, thanks to GitHub's Security Advisory system, which provided a formalized security vulnerability process for the project.
Jan 13, 2022
2,483 words in the original blog post.
There will be more high-profile security incidents in the open-source and developer tooling ecosystem due to inconsistently implemented authorization rules, prompting security teams to invest in centralized authorization databases. The SpiceDB team released version 1.3.0 with new functionality, including internally versioned namespaces and object wildcards, while simplifying their deployment strategy for enterprise users. Authzed also introduced monthly updates and a Slack channel showcasing its random content.
Jan 07, 2022
487 words in the original blog post.
SpiceDB is an open-source database system for managing application permissions, inspired by Google's internal authorization as described in the Zanzibar paper. Unlike Zanzibar, which treats users as a first-class concept and assumes they can always be represented by a unique integer, SpiceDB does not make this assumption due to the diverse range of Identity Providers used by organizations. Instead, SpiceDB allows developers to model their own users, enabling relationships that take the form of (resource, relation, subject) rather than just (resource, relation, user). This approach provides flexibility and enables schemas that can handle various interrelated types, such as users, personal access tokens, and API keys, making it a more adaptable system.
Jan 05, 2022
727 words in the original blog post.