Variables, log rotation, JWTs and more - Cerbos v0.30

The v0.30 release of Cerbos is packed with new features such as variable validation, log rotation and JWT skew support.

We have been working closely with users of Cerbos such as Envoy, Blockchain.com, Utility Warehouse, 9fin, and Salesroom on this release. We can’t wait to hear more about what you would like to see in future releases - join our Slack community to join the conversation.

Variable validation

Variables used in policies are now checked at compile time to detect unknown variables and circular references. This change helps policy authors detect problems with policies early on during development time and enables the Cerbos engine to perform runtime optimizations as well.

Log rotation

The file audit log driver now supports automatic log rotation based on file size and age. It also gains the ability to output to multiple destinations (tee) such as a file and stdout/stderr simultaneously.

Configurable JWT skew

When working with JSON Web Tokens it is sometimes useful to have a small amount of skew allowed on time-based claims (exp and nbf) for cases when clocks may be slightly out of sync or a token has been cached.

Also with this release, you now export a policy store - particularly useful when working with database stores - and also compile policies in a zip/tar.gz archive.

You can find the full release notes for v0.30 on docs.cerbos.dev and if you have any questions join our Slack community.