Question
Design an authorization-as-a-service platform that other product teams in your company integrate to externalize authz out of their app code: teams define their own resource types and permission models, end-customers configure their own roles and sharing, and a single check API answers 'can subject S do action A on resource R?' for dozens of internal products with wildly different models (some RBAC, some ownership/sharing, some hierarchical). Total ~2M checks/sec. Walk through the schema/policy abstraction you'd expose, how you store each product's relationships/policies in one engine, and the trade-off between a flexible policy DSL and predictable performance.
Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.