Cerbos v0.0.2

Highlights

Admin API preview

The new Admin API allows the Cerbos PDP to receive dynamic policy updates via the API when the underlying storage engine supports mutability. (Currently only the sqlite3 driver supports mutability.). The Admin API has to be enabled explicitly from the configuration file and requires HTTP Basic authentication to access it. Other authentication methods will be supported in the future.

SQLite3 storage engine

This release adds experimental support for SQLite3 as a storage engine. This work lays the foundation for supporting other dynamic data sources as policy repositories.

Configuration override flags

All Cerbos configuration values can now be overridden using command line flags. This enables quick experimentation without requiring changes to the config file. For example, the new Admin API and the sqlite3 driver can be tried out by running the following:

docker run -i -t pkg.cerbos.dev/containers/cerbos:0.0.2 server --config=/conf.default.yaml \
    --set=server.adminAPI.enabled=true \
    --set=storage.driver=sqlite3 \
    --set=storage.sqlite3.dsn=':memory:'

Changelog

44 commits since v0.0.1. 166 files changed, 12527 insertions(+), 2755 deletions(-)

Features

Introduce Admin API (#135)
Playground API (#118)

Enhancements

Add CORS support (#128)
Config override from flags (#121)
Allow slashes in resource names (#98)

Bug fixes

Handle the case with no derived role imports (#140)
Fix number handling in conditions (#101)