Overview

SpiceDB Enterprise is the production-ready version of SpiceDB we use in our managed services. You can license SpiceDB Enterprise to deploy into your own environment.

SpiceDB Enterprise comes with:

• Fine-Grained Access Management tokens for your service accounts
• Full SpiceDB request audit logging
• Early access to security patches
• Additional enterprise-only functionality as it's released

For self-hosted deployments using SpiceDB Open Source or SpiceDB Enterprise we recommend purchasing a support package.

For more information, please schedule an introductory call.

Accessing SpiceDB Enterprise

SpiceDB Enterprise is made available via the authzed-enterprise GitHub organization as a container image stored in the organization's registry.

Images are signed using cosign, storing a signature of their digests alongside the image in the registry. They are also published publicly to the rekor transparency log operated by the Linux Foundation's security-focused foundation, the OpenSSF. You can read more about keyless container signing and verification in the cosign documentation.

Deployment Recommendations

Use the spicedb-operator to deploy and manage your SpiceDB Enterprise clusters.

Permissions Storage

• Single-Region
  • PostgreSQL
• Multi-Region
  • CockroachDB
  • Google's Cloud Spanner

SpiceDB Environment

• Kubernetes 1.24+
  • 3 4-vCPU Nodes
  • Project Contour Ingress 1.19+
  • Certmanager 1.6+