Hey 👋 say you are providing a multi tenant platform, where some (100 to 1000) tenants (organizations) are on as "customers", and you want to use authzed as a way to provide access management from platform level over control plane level to data plane level, kinda "one thing to rule them all" style, so use cases range from
"as a platform support engineer for customer X, I need to be able to access (a subset of) X's resources when on-call" ("platform")
over "as a service provider of a SaaS solution, I need to be able to set fine-grained access permissions around provisioning of my service X for different customers" ("control plane")
to
"as a service provider inside an org, I want to use authzed as access management solution on the data plane for the users of my service." ("data plane")
Other requirements are that users could be tied to multiple tenants, e.g. a user has extended rights in their "home" tenant X, but only reader rights when accessing a service that tenant Y provides. Being tied to a tenant should not say anything about access control in the first place (white-listing).
Hope this somehow makes sense and some people are willing to discuss a possible model for this 🙂 I've seen
https://github.com/authzed/spicedb/issues/204 and understand that instance-per-tenant is most secure, but somehow I am not sure it works together with the requirements of "a user can have relations to more than one tenant" and the platform-level use cases. Also I think visibility might get hard when you have something like a "my access" tab that should provide you with an overview of everything you have access to, no matter the tenant. This would imply multiple calls to different instances and then aggregating, I guess... Before this gets too long, let's see if anyone has any hint on how to model that, because it feels huge for me atm 😉
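One way to sketch the three layers in a single shared SpiceDB schema, as an added example that is not part of the thread and not an authzed-provided model: all definition, relation and permission names below are assumptions, the point is that tenant membership is a pure white-list (it appears in no permission on its own), a user can hold relations in any number of tenants, and the on-call "subset of X's resources" is simply the set of resources X has opted into via `support_visible`.

```zed
// Constructed example schema; every name here is an assumption.
definition user {}

// A tenant (organization). `member` is a white-list only: it grants nothing
// by itself, access is always granted on a concrete resource below.
definition tenant {
    relation member: user
    relation admin: user
    // Platform support engineers currently on call for this tenant.
    relation oncall_support: user
    permission administer = admin
}

// Control plane: a SaaS offering run by a provider tenant.
definition service {
    relation provider: tenant
    // Who may provision instances of this service for other tenants;
    // a whole tenant's membership can be granted at once via tenant#member.
    relation provisioner: user | tenant#member
    permission manage = provider->administer
    permission provision = provisioner + manage
}

// Data plane: one instance of a service, provisioned for a consuming tenant.
definition service_instance {
    relation service: service
    relation consumer: tenant
    relation reader: user | tenant#member
    relation writer: user | tenant#member
    // Set by the provider only on instances that on-call support may see;
    // this is the "subset of X's resources" from the platform use case.
    relation support_visible: tenant
    permission write = writer + service->manage
    permission read = reader + write + consumer->administer + support_visible->oncall_support
}

// Constructed relationships matching the post's scenario (resource:id#relation@subject):
//   tenant:x#admin@user:alice                         alice is an admin in her home tenant x
//   tenant:y#member@user:alice                        alice is merely white-listed in tenant y
//   service:crm#provider@tenant:y                     tenant y offers the "crm" service
//   service_instance:crm-x#service@service:crm        the instance provisioned for tenant x
//   service_instance:crm-x#consumer@tenant:x
//   service_instance:crm-x#reader@tenant:y#member     every y member gets read-only access
//   service_instance:crm-x#support_visible@tenant:x   x opted this instance into on-call support
//   tenant:x#oncall_support@user:bob                  bob is the platform engineer on call for x
```

With one shared instance, the "my access" tab becomes a single `LookupResources` call per resource type (for example `service_instance#read` with subject `user:alice`) rather than a fan-out across per-tenant instances.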