Low latency API endpoint to check a user's policy compliance to enable Zero Trust

[zhumo]

Goal

Customers need a low-latency, scalable, and rapidly-updated API route that that tells them which policies are passing and failing for a particular host. This enables Zero Trust use cases. Under a Zero Trust regime, the customer's identity provider will be pinging this API frequently to ask it whether the user is in compliance. Thus, the endpoint must be:

• low-latency so that this ping will not slow down the end user's work
• scalable so that it can accommodate many requests per second for large companies
• rapidly-updated so that users are blocked promptly when they fall out compliance with policies.
• rapidly-updated so that the API unblocks users promptly after they click "refetch" to confirm that they've fixed the problem.

If the rollout of the Zero Trust regime significantly impacts the end user's work experience, this is a large risk because it stops all work at the company for a day and damages the team's reputation.

Requirements

• Test the platform for latency and scalability so that we can share results with users and so that, if necessary, we understand what's needed to meet needs

Related

Child issues

• https://github.com/fleetdm/fleet/issues/6227