Collaborative policy playgrounds

Cerbos Hub playgrounds are fully-interactive, private development environments that provide an IDE-like experience for authoring policies. Quickly create or edit policies and test fixtures with instant feedback on syntax issues and test failures. Take advantage of the powerful collaborative editing features to pair with colleagues to develop new authorization rules or use it as a sandbox to train new team members on Cerbos policies.

Creating a playground

Login to Cerbos Hub and select one of the organizations you’re a member of. Click on the "Playgrounds" tab to view existing playgrounds or to create a new one.

When creating a new playground, you have a number of options:

  • Create an empty playground to start from scratch

  • Generate a starter RBAC policy by answering a few questions about your user roles, resources and actions

  • Start with an example template set of policies covering common use cases

  • If you have created a Cerbos Hub workspace by connecting a GitHub repository, you have the option of creating a playground populated with files from one of the git branches as well.

After creating a playground, click on the "Video tutorial" button on the top right corner of the screen to learn the basics.

Try the API

One of the key features of the playground is the ability to try out authorization checks against your policies without having to run a local Policy Decision Point (PDP). In the Implement tab of the sidebar, you can experiment with both the Check API and the Plan API. This section allows you to select from your test fixtures and view the request structure needed to call the PDP, as well as the expected response.

Try the API

Connect a PDP to a playground

For developers looking to test the integration of their application, Cerbos Hub offers a Playground PDP connection. This feature allows you to start up a PDP locally in your development environment and connect it to your current playground instance. Any changes you make in the playground are immediately reflected in your local PDP, enabling fast iteration and providing a real-time feedback loop for your integration efforts.

Instructions for starting up a local PDP can be found in the Implement tab under "Connect a PDP"

Connect a PDP

Note that while the Playground PDP connection is an excellent tool for rapid development and testing, it’s not intended for production use. When you’re ready to release your application to production environments, you should create a workspace connected to your policy repository and configure the PDPs to receive bundle updates via Cerbos Hub’s fully managed CI/CD pipeline. It also allows you to take advantage of Cerbos Hub audit log collection to effortlessly store and analyze all the decisions made by your PDPs.