Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications.

Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware access policies using a YAML syntax. These policies are managed separately from your app and evaluated via simple API requests to Cerbos’ Policy Decision Point (PDP).

Instant policy updates, no redeploys – Update access rules on the fly without recompiling or redeploying. Product owners can adjust policies directly, freeing up developers and accelerating delivery.

Configurable authorization – Cerbos moves access logic out of code and into YAML configuration, making it transparent, easy to manage, and always in sync with your system.

Access across services – Share policies across teams and languages using Cerbos’ language-agnostic API, ideal for modern, distributed microservices.

DevOps-friendly and pbservable – Built for GitOps, Cerbos supports policy testing, CI/CD integration, metrics, and tracing. It runs efficiently in containerized environments on x86-64 and ARM64.

Trackable and compliant – Store policies in version control for full visibility into what changed, when, and by whom. This simplifies audits and ensures accountability.

Cerbos is available for free on GitHub.

