You'd need to use a datastore that supports strong consistency and geographical distribution. Right now the options SpiceDB supports are Spanner and CockroachDB.
You'll need to find the intersection between regions supported by CockroachDB/Spanner and regions where you will be serving your CDN from, and deploy SpiceDB there. If they are not in the same region, a region close nearby may do it depending on your latency requirements.
If your relationship changes are rather infrequent and the dataset is small enough to fit in memory, you could deploy SpiceDB with the in-memory datastore and put it in read-only mode. Basically you'll store all the relationships and your schema in a YAML file SpiceDB will load from, and when you need to change permissions, you could then deploy a new SpiceDB with the new YAML file. You could also use a
zed
backup file to restore from.