AWS has open-sourced the Cedar policy language and authorization engine, allowing users to express fine-grained permissions and decouple access control from application logic.
The Cedar project, under the Apache License 2.0, includes the language specification and SDK for policy authoring, validation, and access authorization. AWS encourages contributions through the Cedar-policy GitHub repository and the Cedar Policy Slack Workspace.
- AWS open-sourced the Cedar policy language and authorization engine.
- Follows a verification-guided development process for correctness and security.
- Amazon Verified Permissions uses Cedar for managing fine-grained permissions in custom applications.