Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

Are there any examples of deploying Cerbos in a Kubernetes cluster with a configured LoadBalancer? I have an ingress setup, and it allows for http-access. But to get grpc working, I need to proxy the port 3593. Using AWS EKS, I have setup a very basic LoadBalancer that should proxy this. But it never reaches the Cerbos deployment, and in the AWS, it states that the LoadBalancer is out of service because of failing health checks.
Do I need to setup and handle the health checks myself, or does Cerbos come with this support? And if so, how do I configure this?

Cerbos supports the gRPC healthcheck protocol on the gRPC port OR you can use an HTTP health check on port 3592 at the path `/_cerbos/health`.

In order for gRPC to work, HTTP/2 must be enabled between the loadbalancer and the pods. I don't know whether that's on by default on AWS.

According to <https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/deploy-a-grpc-based-application-on-an-amazon-eks-cluster-and-access-it-with-an-application-load-balancer.html>, it looks like you need to add quite a few annotations to the ingress as well.