Introducing Keto, the open source implementation of Google’s Zanzibar
Zanzibar is Google’s consistent, global authorization system; a project started at Google in 2012. It primarily plays two roles. It acts as a storage system for access control lists and groups used by hundreds of Google projects (Maps, Google Drive, Calendar, and so on) to store permissions of digital objects. Also, Zanzibar acts as an authorization engine, where the Google products talk to check whether a given request is authorized or not.
At the moment Zanzibar manages 2 trillion+ tuples of 1500+ namespaces, replicated in several dozens of locations globally over 10,000+ servers. It handles 10million+ client queries per second.
I recently learnt about Keto, an open source implementation of Zanzibar from a Hacker News thread, and thought it would be a very interesting topic to discuss in our Silicon Valley IAM Meetup and invited Patrik Neu, who is the core maintainer of the Keto project to share his insights with our meetup community. Patrik is based out of Munich, Germany and he’s been contributing to open source projects since 2017.
The Ory, is the company behind Keto, and they are also in the process of building a SaaS offering on top of Keto.
