What is Google Zanzibar?
Google designed its Zanzibar authorization system to handle its complex access needs. See how you can leverage this to create fine-grained ReBAC in your app
Google Zanzibar is a white paper that describes Google's authorization system for handling authorization for its vast number of users and services. Today, it is still an extremely popular term in the IAM space, being used almost synonymously to describe fine-grained authorization, just as Role Based Access Control (RBAC) is used to describe authorization systems.
Renowned for its distributed, scalable, and consistent architecture, Google Zanzibar allows developers to model their permissions as data in a graph and provides a natural solution for implementing Relationship-Based Access Control (ReBAC). Granular, innovative yet resource hefty and complex, Google Zanzibar has many pros and cons. In this blog, we’ll cover what Google Zanzibar is, when, and how you should implement it to solve your application’s authorization needs.
Google's broad, diverse ecosystem encompasses a multitude of distributed applications serving various purposes, including B2B, B2C, and advertising platforms (Think of a YouTuber who manages their own channel, has a specific type of access to a ‘Google Drive’ based storage through their workplace, and can edit the reviews they posted on Google maps, all using a single identity).
