AWS Adopts Cedar To Extend Kubernetes Authorization

At KubeCon North America in Atlanta, AWS principal engineer Micah Hausler described Cedar, an authorization engine AWS released in 2022 and open-sourced in 2023, as a more expressive alternative to Kubernetes RBAC. He said Cedar supports attribute-based policies, schema validation, autocomplete and formal verification, is written in Rust, and is onboarding to the CNCF sandbox with adopters like Cloudflare and MongoDB.
Key Points
- 1Introduces Cedar as an authorization engine addressing Kubernetes RBAC limitations with attribute-based policies.
- 2Highlights schema validation, autocomplete, and formal verification for correct, performant, and readable policy authoring.
- 3Encourages adopters and contributors across Rust, Go, TypeScript, Python to build language bindings.
Scoring Rationale
Practical and credible update with CNCF onboarding and language bindings, but not a brand-new, paradigm-shifting technology.
Sources
Public references used for this report.
Practice with real Ride-Hailing data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Ride-Hailing problems


