At Permify we’re building open-source, a distributed authorization system inspired by Google's Zanzibar. Zanzibar is the global authorization system used at Google for handling authorization for hundreds of its services and products including; YouTube, Drive, Calendar, Cloud and Maps.

Beyond Zanzibar approach, we’re adding new features and functionalities to enhance our authorization structure.

To give brief overview, the robust authorization system rests on a few pillars.

1. Simplified access reviews that enhance transparency.
2. Adaptable management of logic for dynamic changes.
3. Efficient auditing processes to ensure traceability.
4. Consistency and reliability, underpinning fast and scalable performance.

Our goal is excellence in every area. In this document, we focus on scalability, highlighting our tests and its proven outcomes.

Infrastructure

For tests we used following infrastructure

• AWS general purpose class for Permify cluster
• AWS general purpose class for Postgres
• Grafana k6 for monitoring

<aside> 💡 These tests have not been conducted on instances with PrivateLink because setting up a test environment on an instance with PrivateLink has been challenging.

</aside>

<aside> 💡

The same instance types has been set up for PrivateLink. If you are experiencing significantly different results, please let us know.

</aside>

Goals

In our tests, we have focused on scaling Permify up to 100k PRS with 1B relationships.

However, we conduct couple test to before to reach there. The goals of the test were to validate that Permify exhibits similar latency metrics across a total of 5 tests with varying throughput and relationships stored, here is the full list:

Test Case (Model)