If spiceDB is accessed by N number of services, is there way we can limit the access of the service in terms of the operations it can perform on which resources in spiceDB ? Basically is there an AuthZ to protect SpiceDB itself?