SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions.

SpiceDB

Hi guys. 
I would like your opinion about an feature out of scope of spiceDb, that might also be interesting for you.

I would like a Governance Model on spice DB schema, the Tl;DR is who is authorized to write what relations. 
I have a tight controlled system where every machine is authenticated and for all our definitions we created the notion of a namespace imbued in its name.

For each `resource`  (not subject) we are are whitelisting who is the owner of a particular namespace / resource definition or for the case where two micro services have to contribute to the same resource, we are able to pin the whitelist to the relation. 

Question, how would you solve this? Has anyone come to you with a similar problem?