zed VS examples

The cli can be found here https://github.com/authzed/zed.

Both REST and built-ins for OPA have been available for existing projects like OpenFGA and SpiceDB. In case of SpiceDB, the first built-in was available in June of last year[0].

Why take on the burden of building something new when you could collaborate with the existing communities with more mature solutions? We'd be glad to welcome you!

[0]: https://github.com/authzed/zed/pull/5

As the developer of an external authorization system (full disclosure)[0], I feel obligated to chime in the critiques of external authorization systems in this article. I do think RLS is great and definitely fits the OP's use case and we recommend folks use a solution like this until they hit complexity limitations. Anyways, here's my rebuttal:

1+2 Cost + Unnecessary complexity: this argument can be used against anything that doesn't fit the given use case. There's no silver bullet for any choice of solution. You should only adopt the solution that makes the most sense for you and vendors should be candid about when they wouldn't recommend adopting their solution -- it'd be bad for both the users and reputation of the solution.

3: External dependencies: That depends on the toolchain. Integration testing against SpiceDB is easier than Postgres, IMO [1]. SpiceDB testing can also model check your schema so that you're certain there are no flaws in your design. In practice, I haven't seen folks write tests to assert that their assumptions about RLS are maintained over time.

4: I'm not sure I understand this point. Most companies do not employ authorization experts and solutions worth their salt should natively support multi-tenant use cases.

[0]: https://github.com/authzed/spicedb

[1]: https://github.com/authzed/examples/tree/main/integration-te...