Technology · Ebook

Cedar: Authorization as Policy

by Shriira Press

A practical, in-depth guide to Cedar, the open-source policy language and authorization engine. Learn how Cedar separates authorization from application code: the authorization problem (scattered code vs policy-based authZ), the Cedar language (permit/forbid, scope, when/unless conditions), the request and entity model (principal, action, resource, context, plus entities and hierarchies), policy evaluation (combining rules, default deny, forbid guardrails, diagnostics), schema and validation, RBAC and ABAC (and practical ReBAC) unified in one language, safety/analyzability/performance (a constrained, verifiable language), integration (SDKs and Amazon Verified Permissions) and operations, and Cedar in practice.

Contents

1. 1Preface
2. 2Chapter 1 — What Cedar Is
3. 3Chapter 2 — The Authorization Problem
4. 4Chapter 3 — The Cedar Language
5. 5Chapter 4 — The Request and Entity Model
6. 6Chapter 5 — Policy Evaluation
7. 7Chapter 6 — Schema and Validation
8. 8Chapter 7 — RBAC and ABAC with Cedar
9. 9Chapter 8 — Safety, Analyzability, and Performance
10. 10Chapter 9 — Integration and Operations
11. 11Chapter 10 — Cedar in Practice