

DOP 297: Streamline Access Control Using Cerbos
Jan 8, 2025
In this engaging discussion, Alex Olivier, co-founder and CPO at Cerbos, dives into the world of access control and governance. He highlights the critical differences between authentication and authorization, especially in implementing scalable solutions. The conversation touches on the importance of audit logs for compliance and explores the challenges of authorizing AI agents in modern businesses. Alex also shares insights on how Cerbos streamlines policy management, making it easier for organizations to maintain security while adapting to evolving needs.
AI Snips
Authentication vs. Authorization
- Authentication verifies user identity, like checking a passport at an airport.
- Authorization determines what a user can do, like customs deciding entry based on visas.
Cerbos Origin Story
- Alex Olivier's team needed fine-grained authorization for their SaaS platform but AWS IAM wasn't available as a service.
- This led them to build Cerbos to externalize authorization logic.
Decoupling Authorization with Cerbos
- Decouple authorization logic from application code using Cerbos policies.
- Define resource types, actions, and conditions in YAML, leveraging CEL for attribute-based access control.