Cedar, an open-source policy language architected by AWS, has joined the CNCF as a Sandbox project. Designed for fine-grained application permissions, it decouples access control from code using a ver

InfoQ is a leading online platform for software developers, architects, and technical leaders, providing news, articles, presentations, and interviews on a wide range of topics, including agile practices, DevOps, microservices, and emerging technologies. With a focus on quality content and expert insights, InfoQ helps professionals stay informed about the latest trends, best practices, and industry developments. Developers can learn from real-world experiences, gain  knowledge, and connect with peers in the global software community through InfoQ's diverse and engaging content.

InfoQ

Cedar, an open-source authorization policy language originally developed by AWS, has joined the CNCF as a Sandbox project. The language enables fine-grained access control by decoupling permissions from application code, supporting RBAC, ABAC, and ReBAC models. Cedar distinguishes itself through formal verification using the Lean theorem prover and differential testing, ensuring mathematical correctness of policy enforcement. Unlike general-purpose tools like OPA, Cedar is purpose-built for application-level authorization with high-performance evaluation. The project has been adopted by organizations including Cloudflare, MongoDB, and StrongDM, and now transitions to vendor-neutral governance under CNCF.

Cedar Joins CNCF as a Sandbox Project