1. Some of these are primarily updated in a UI, some are driven from some other system. Flags are customer UI, but Auth is often customer's customer (admins setting RBAC) or derived from SAML Role / etc.
2. There are very different personas / different blast-radiuses for different changes. This means that there should be different interfaces for the creation and administration of the different type of things.
3. Different scales. Dynamic configuration / feature flags are great, but you don't want the rule payload to be GB, which you would have if you tried to store fine grained permissions inside it. Zanzibar is awesome and should be available to more people.
4. It would be best if we could all agree on the names & types of these objects. I think schema files and code-generation are underused.
5. My inclination is that entitlements are just feature flags under the covers, but that there's enough different that a custom UX is warranted.
6. It's easy to add a ton of latency to applications with this stuff. First we spend 50ms getting the user... then we go get the billing for 50ms... then we get the entitlements for 50ms... There are big gains to be had by having this solved holisticaly.
hmu anytime jdwyer at prefab.cloud would love to hear your thoughts.
Some of these immediately resonate. I'd love (4) to be a reality but it's going to be a struggle to get there, not that it isn't worth striving for. And while I agree with (5), the "covers" are often complex/dynamic and where a lot of difficulty in implementation and maintenance occurs (Sorta touched on in (3)). (6) is what got us thinking about this idea of distilling entitlements in the first place.
1. Some of these are primarily updated in a UI, some are driven from some other system. Flags are customer UI, but Auth is often customer's customer (admins setting RBAC) or derived from SAML Role / etc.
2. There are very different personas / different blast-radiuses for different changes. This means that there should be different interfaces for the creation and administration of the different type of things.
3. Different scales. Dynamic configuration / feature flags are great, but you don't want the rule payload to be GB, which you would have if you tried to store fine grained permissions inside it. Zanzibar is awesome and should be available to more people.
4. It would be best if we could all agree on the names & types of these objects. I think schema files and code-generation are underused.
5. My inclination is that entitlements are just feature flags under the covers, but that there's enough different that a custom UX is warranted.
6. It's easy to add a ton of latency to applications with this stuff. First we spend 50ms getting the user... then we go get the billing for 50ms... then we get the entitlements for 50ms... There are big gains to be had by having this solved holisticaly.
hmu anytime jdwyer at prefab.cloud would love to hear your thoughts.