Simply integrate Cerbos into your Rust app

Make authorization checks with a simple API call in your codebase using the Rust SDK.

What is Cerbos?

Cerbos is open source, decoupled access control for your application enabling you to implement fine-grained permissions in minutes.

Agile

Define and evolve complex policies without requiring a release cycle

Compliance

Meet your compliance requirements with a full audit trail of policies, permissions, access to resources

Enterprise

Be enterprise ready and meet your customer's organizational requirements with ease

Proactive

Coming soon: SIEM integrations and anomaly detection and recommendations of policy changes

Native Rust SDK

Checking authorization is as simple as calling a function in Rust which simnplifies your code

Leverage Context

Include request context attributes in the authorization logic to enable more contextual access controls

Keep up to date

Cerbos SDKs are kept up to date with the latest features and improvements

Client SDK Example

if cerbos_client.is_allowed("edit", user, resource, None).await? {
    // access allowed
}

if user.email.ends_with("@mycompany.com")
    || (user.company.package == "premium" && user.groups.any(|&g| g == "managers"))
{
    if user.region == resource.region {
        audit_log.record(audit::ALLOWED, "edit", user, resource);
        // access allowed
    } else {
        audit_log.record(audit::DENIED, "edit", user, resource)
        // access denied
    }
} else {
    audit_log.record(audit::DENIED, "edit", user, resource)
    // access denied
}

Before

After

Why Cerbos?

Simple

Define access policies using human-readable YAML. No need to master a new policy language.

Super-charged Roles

Dynamically derive new roles based on contextual information. Don't be limited to what your IdP provides.

Context-aware

Make use of context such as IP address and time of day to make realtime access decisions

Ultrafast API

Access decisions in milliseconds.

GitOps

Develop, test, and deploy policies just as you do with your source code.

Multiple Environments

Built-in policy versioning to support canary deployments and different environments.

Cloud Native

Containerised deployment as a microservice or a sidecar. REST and gRPC interfaces. Top-notch observability.

Audit Logs

Capture every decision and analyze them later.

Community

Leverage our community for examples and help.

Book a free Policy Workshop to discuss your requirements and get your first policy written by the Cerbos team