Should ownership be a first-class citizen in cloud access control?

This page summarizes the projects mentioned and recommended in the original post on /r/Cloud
Authorization AWS Permissions access-control Kubernetes

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • OPAL

    Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...) (by permitio)

    • I’m from Permit.io, we provide permissions as service, with low-code on top of OPA + OPAL, and Zanzibar.We are trying to decide if the concept of ownership (e.g. user A owns resource B) should be a direct concept in the system, or if we should just keep it as an attribute you can set conditions on.Example of current first-class citizens we have - Tenant (a silo for identities and resources that belong together), Roles (set of permissions that can be provided to a user/identity per tenant / in general).On one hand ownership is a very common relationship / attribute - and it makes sense simplifying. On the other hand we do have a generic ABAC (and soon ReBAC interface), and this can be a slippery slope.WDYT ?

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts