Title
k
kameshraj
11/17/2022, 10:15 PMnamespace
Hi, I am a newbie and planning to use SpiceDB for my org. We have lot of products in my org and I want to have a centralized SpiceDB cluster serving all these products. Is it possible for each product to define their own objects, relationship and permissions not conflict with other teams? something like a namespace for each product and roles, permission and relationships defined under this namespace and lookup can happen with a namespace specified?
j
Joey
11/17/2022, 10:20 PMis the intention that there is crossover between those products?
or that they should be fully isolated?
k
kameshraj
11/17/2022, 10:26 PMI would like to do both. Some products can crossover, and for few I want it to be isolated
j
Joey
11/17/2022, 10:27 PMif they are going to crossover, you'll want to use something like prefixes to specify which types belong to which products
definition myproduct/someresource { ... }you'll need a process to combine the schemas into a single one before calling WriteSchema
but that's a good idea anyway for validation purposes
k
kameshraj
11/17/2022, 10:29 PMany docs/pointers on how this can be done? I would like each product teams to define their own schemas and maintain it
j
Joey
11/17/2022, 10:30 PMright now its fairly ad hoc - most users with this use case just have a process to append the team-specific schema fragments together to produce the final one that goes into source control
we're working on a proposal to make this more well-defined
the combined schema is then validated in CI/CD
k
kameshraj
11/17/2022, 10:31 PMthat will be great, looking forward to it
j
Joey
11/17/2022, 10:32 PMalso, as mentioned in the main channel
if you want fine grained control over who can check and write portions of the schema
we're developing a solution as part of the paid offering
k
kameshraj
11/17/2022, 10:36 PMinterested in knowing more
j
Joey
11/17/2022, 10:36 PMfeel free to schedule a call at https://authzed.com/contact if you'd like to discuss it (and your other questions)