undefined | Better HN

0 pointsdeanCommie2y ago0 comments

Oh I assumed Zanzibar would have also been the model for GCP's public IAM?

0 comments

I don’t know one way or the other. OP claimed elsewhere in this threat that Zanzibar is used to manage authorization records for services like Google Drive and YouTube.

But as far as Zanzibar itself, it’s not something Google makes available externally.

Having played in all the major (and common) sandboxes (so not like, Oracle), the GCP, Azure, and AWS permission systems are all fairly similar. They each have their foibles but their conceptual designs are all fairly similar. But that’s not a criticism: anyone designing that kind of IAM service really isn’t going to end up with something that different given the goals involved.

torgard2y ago

Zanzibar is their internal system, and they've released a paper describing it.

https://storage.googleapis.com/pub-tools-public-publication-...

TheNewsIsHere2y ago

Did you mean to reply to a higher level comment? :)

j / k navigate · click thread line to collapse

0 comments

TheNewsIsHere2y ago

I don’t know one way or the other. OP claimed elsewhere in this threat that Zanzibar is used to manage authorization records for services like Google Drive and YouTube.

But as far as Zanzibar itself, it’s not something Google makes available externally.

torgard2y ago

Zanzibar is their internal system, and they've released a paper describing it.

https://storage.googleapis.com/pub-tools-public-publication-...

TheNewsIsHere2y ago

Did you mean to reply to a higher level comment? :)

j / k navigate · click thread line to collapse