From Chaos To Control: Migrating Access Control... Jo Guerreiro & Poovamraj Thanganadar Thiagarajan
Jo Guerreiro, Poovamraj Thanganadar Thiagarajan
KubeCon + CloudNativeCon Europe 2025 · Session
This talk, "From Chaos To Control: Migrating Access Control," delves into the complex journey undertaken by Grafana to modernize its authorization infrastructure by migrating to **OpenFGA**, a declarative authorization system inspired by Google's Zanzibar. Presented by Jo Guerreiro and Poovamraj Thanganadar Thiagarajan, the session provides a candid look at the challenges and solutions encountered when transitioning a large, multi-tenant, cloud-native observability platform with over 14 years of legacy access control features. The speakers highlight the critical need for a standardized, fine-grained, and scalable authorization system in today's interconnected application ecosystems.
AI review
This talk from Grafana's Jo Guerreiro and Poovamraj Thiagarajan provides a brutally honest, deep dive into migrating a 14-year-old authorization system to OpenFGA, a Zanzibar-inspired declarative authorization engine. It's a goldmine of practical, actionable insights for anyone tackling fine-grained access control in a multi-tenant, cloud-native environment, covering schema design, performance considerations, multi-tenancy strategies, and high-risk data migration techniques like 'always write' feature toggles and shadow calls. This isn't theoretical fluff; it's real-world engineering with…