Market map / Authorization & policy
Amazon Cedar
AWS's open-source policy language for fine-grained authorization, powering Amazon Verified Permissions.
- Category
- Open-source authorization policy language
- Lane
- Authorization & policy
- Founded
- 2023 (open-sourced)
- Ownership
- AWS (open source)
Summary
Cedar is an open-source policy language and evaluation engine from AWS for expressing and enforcing fine-grained authorization. It supports RBAC and ABAC with analyzable policies and is the engine behind Amazon Verified Permissions.
Best for
Teams that want an analyzable, AWS-aligned policy language, especially on AWS via Verified Permissions.
Consider if
You want a turnkey relationship-graph (ReBAC) service rather than a language to build on.
Strengths
- Analyzable policies with formal foundations
- Backed by AWS and Verified Permissions
- Open source
Considerations
- A language and engine, not a full managed control plane
- ReBAC patterns are less native than RBAC/ABAC