AWS's Cedar authorization policy language has joined the CNCF as a Sandbox project, bringing formally verified, policy-as-code capabilities to cloud-native environments while establishing a vendor-neutral governance model.
Cedar, an open-source authorization policy language and SDK originally developed by AWS, has officially joined the Cloud Native Computing Foundation (CNCF) as a Sandbox project. This transition marks a significant step toward establishing a vendor-neutral standard for defining and enforcing fine-grained permissions in modern cloud-native applications.
What's New: Cedar's Journey to CNCF
The move to CNCF represents Cedar's evolution from an AWS internal project to a community-governed standard. Originally architected by AWS, the language now transitions to a vendor-neutral governance model designed to foster broader contributor participation and deeper integration with the cloud-native ecosystem.
As a CNCF Sandbox project, Cedar follows the foundation's standard maturity lifecycle, with plans to progress from Sandbox to Incubation and eventually Graduated status. This path mirrors that of other successful CNCF projects like Kubernetes and Prometheus, which have become foundational technologies in cloud-native environments.
Cedar's core innovation lies in its approach to access control. Traditional authorization in cloud-native environments has often relied on hard-coded logic or general-purpose policy engines. Cedar solves this by allowing developers to express permissions as policies, effectively decoupling access control from application logic. This separation enables teams to update permissions without redeploying code—a pattern commonly referred to as policy-as-code.
Developer Experience: Policy-as-Code with Mathematical Assurance
Cedar's developer experience centers on its expressive yet analyzable policy language. The language supports common authorization models, including Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Relationship-Based Access Control (ReBAC), providing flexibility for various use cases.
A distinguishing feature of Cedar is its focus on assurance and safety through formal verification. The language specification is formally verified using the Lean theorem prover, and its Rust implementation undergoes differential random testing against this formal specification. This mathematical rigor ensures that the policy engine behaves exactly as intended—a critical requirement for security-sensitive operations.
The project's reliance on automated reasoning enables advanced tooling capabilities that enhance developer productivity. Developers can use the policy validator to check for errors before deployment, ensuring that policies are consistent with the defined schema. This capability allows for mathematical analysis of policies to answer questions such as whether a specific request would be allowed or denied, providing a higher level of confidence than traditional testing methods alone.
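To make the RBAC, ABAC and ReBAC styles above and the policy-as-code separation concrete, here is an added example (constructed for this article, not code from the Cedar project or its documentation): a schema the validator checks against, followed by a policy set. The entity types, attributes and role names (`Role`, `Photo`, `mfaAuthenticated`) are assumptions for this example; the application itself only asks "is principal P allowed action A on resource R?" and never embeds these rules.

```cedar
// --- schema (constructed; e.g. app.cedarschema) ---
// The validator uses these declarations to reject policies that
// reference attributes, actions or entity types that do not exist.
entity Role;
entity User in [Role] {
  mfaAuthenticated: Bool,
};
entity Photo {
  owner: User,
  sensitivity: String,
};
action viewPhoto, deletePhoto appliesTo {
  principal: User,
  resource: Photo,
};

// --- policies (constructed; e.g. app.cedar) ---

// RBAC: membership in the auditor role grants read access to every photo.
@id("rbac-auditor-view")
permit(
  principal in Role::"auditor",
  action == Action::"viewPhoto",
  resource
);

// ReBAC: the owner relationship stored on the resource grants view and delete.
@id("rebac-owner")
permit(
  principal,
  action in [Action::"viewPhoto", Action::"deletePhoto"],
  resource
) when {
  resource.owner == principal
};

// ABAC guard: Cedar denies whenever any forbid matches, regardless of permits,
// so neither rule above can expose a restricted photo to a session without MFA.
@id("abac-mfa-gate")
forbid(
  principal,
  action,
  resource
) when {
  resource.sensitivity == "restricted"
} unless {
  principal.mfaAuthenticated
};
```

Because the schema declares `owner` on `Photo` but nothing else, a policy that misspells it (say `resource.onwer`) is flagged by the validator before deployment rather than silently evaluating to an error at request time.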
Lucas Käldström, Kubernetes SIG and WG co-chair emeritus and CNCF Ambassador, highlighted this balance in the language's design: "What I appreciate the most about Cedar is the deep knowledge that is encoded into why it works the way it works… the careful balance between expressiveness and analyzability."
User Impact: Positioning in the Authorization Landscape
Cedar's entry into the CNCF places it in the same ecosystem as the Open Policy Agent (OPA), a graduated CNCF project. While OPA and its language, Rego, are general-purpose tools capable of handling infrastructure, admission control, and application policies, Cedar is purpose-built specifically for application-level authorization.
This specialization allows Cedar to prioritize high-performance evaluation for applications with millions of users and resources—a key differentiator in large-scale deployments. Additionally, Cedar's native support for ReBAC aligns it with the Google Zanzibar model, positioning it as an alternative to other Zanzibar-inspired open source projects like OpenFGA.
Since its initial open-source release, Cedar has seen adoption across various industries. Organizations such as Cloudflare, MongoDB, StrongDM, and Cloudinary have integrated the technology into their stacks. It also underpins AWS services like Amazon Verified Permissions and AWS Systems Manager, demonstrating its production readiness.
The project has begun integrating with other open source initiatives, including the Linux Foundation's Janssen Project and the Kubernetes-Cedar-Authorizer. These integrations extend Cedar's applicability to identity management and Kubernetes authorization scenarios.
For developers and organizations, Cedar's CNCF membership offers several benefits:
- Vendor neutrality: Reduced dependency on a single vendor, with governance handled by the CNCF
- Community growth: Access to a broader contributor base and diverse expertise
- Ecosystem integration: Easier adoption alongside other CNCF projects
- Standardization: Potential for becoming a de facto standard in application authorization
As the cloud-native landscape continues to evolve, authorization remains a critical concern. Cedar's formal approach to policy-as-code, combined with its performance characteristics and CNCF backing, positions it as a compelling option for organizations seeking to implement fine-grained, verifiable access controls in their applications.
For those interested in exploring Cedar, the project's GitHub repository provides comprehensive documentation, examples, and implementation guides. The official Cedar documentation offers deeper insights into the language specification and best practices for implementation.

About the Author

Mark Silvester is a Platform and Architecture Manager at Griffiths Waite, a software consultancy based in Birmingham, UK. He is responsible for platform strategy, with a focus on delivering innovative solutions for enterprise clients. His areas of interest include cloud-native technologies, DevOps practices, and the practical application of AI in engineering and architecture.
