https://authzed.com logo
#spicedb
Title
# spicedb
k

kameshraj

11/17/2022, 10:15 PM
namespace
Hi, I am a newbie and planning to use SpiceDB for my org. We have lot of products in my org and I want to have a centralized SpiceDB cluster serving all these products. Is it possible for each product to define their own objects, relationship and permissions not conflict with other teams? something like a namespace for each product and roles, permission and relationships defined under this namespace and lookup can happen with a namespace specified?
j

Joey

11/17/2022, 10:20 PM
is the intention that there is crossover between those products?
or that they should be fully isolated?
k

kameshraj

11/17/2022, 10:26 PM
I would like to do both. Some products can crossover, and for few I want it to be isolated
j

Joey

11/17/2022, 10:27 PM
if they are going to crossover, you'll want to use something like prefixes to specify which types belong to which products
definition myproduct/someresource { ... }
you'll need a process to combine the schemas into a single one before calling WriteSchema
but that's a good idea anyway for validation purposes
k

kameshraj

11/17/2022, 10:29 PM
any docs/pointers on how this can be done? I would like each product teams to define their own schemas and maintain it
j

Joey

11/17/2022, 10:30 PM
right now its fairly ad hoc - most users with this use case just have a process to append the team-specific schema fragments together to produce the final one that goes into source control
we're working on a proposal to make this more well-defined
the combined schema is then validated in CI/CD
k

kameshraj

11/17/2022, 10:31 PM
that will be great, looking forward to it
j

Joey

11/17/2022, 10:32 PM
also, as mentioned in the main channel
if you want fine grained control over who can check and write portions of the schema
we're developing a solution as part of the paid offering
k

kameshraj

11/17/2022, 10:36 PM
interested in knowing more
j

Joey

11/17/2022, 10:36 PM
feel free to schedule a call at https://authzed.com/contact if you'd like to discuss it (and your other questions)