Great post! When starting a green field project, how would you approach the choice between the two options? Are there specific use cases in which one would be preferable over the other?
Good question. OPA is best suited for ABAC-centric scenarios, where your authorization logic is expressed in terms of attributes on users, objects, or environment.
The ReBAC / Zanzibar model is more opinionated, but most use-cases seem to be pretty easily described in ReBAC.
The ReBAC / Zanzibar model is more opinionated, but most use-cases seem to be pretty easily described in ReBAC.