Rafael Szuminski
06/17/2023, 11:43 PMAlex Olivier (Cerbos)
Rafael Szuminski
06/18/2023, 3:07 PMRafael Szuminski
06/18/2023, 3:08 PMAlex Olivier (Cerbos)
Rafael Szuminski
06/18/2023, 3:09 PMRafael Szuminski
06/18/2023, 3:09 PMAlex Olivier (Cerbos)
Rafael Szuminski
06/18/2023, 3:11 PMRafael Szuminski
06/18/2023, 3:11 PM{"log.level":"info","@timestamp":"2023-06-18T15:06:33.189Z","log.logger":"cerbos.server","message":"maxprocs: Leaving GOMAXPROCS=10: CPU quota undefined"}
{"log.level":"info","@timestamp":"2023-06-18T15:06:33.189Z","log.logger":"cerbos.server","message":"Loading configuration from /conf/config.yaml"}
{"log.level":"info","@timestamp":"2023-06-18T15:06:33.191Z","log.logger":"cerbos.disk.store","message":"Initializing disk store from /policies"}
{"log.level":"info","@timestamp":"2023-06-18T15:06:33.214Z","log.logger":"cerbos.index","message":"Found 16 executable policies"}
Alex Olivier (Cerbos)
Rafael Szuminski
06/18/2023, 3:13 PMAlex Olivier (Cerbos)
Alex Olivier (Cerbos)
const cerbos = new HTTP(`192.168.0.17:3592}`);
const result = await cerbos.checkResources({
principal: principal,
resources: resources
});
Rafael Szuminski
06/18/2023, 3:19 PMAlex Olivier (Cerbos)
const cerbos = new HTTP(`<http://localhost:3592>`);
await cerbos.checkResources({
principal: {
id: "1",
roles: ["user"],
},
resources: [
{
resource: {
id: "123",
kind: "test",
},
actions: ["user"],
},
],
});
Rafael Szuminski
06/18/2023, 3:22 PMAlex Olivier (Cerbos)
Alex Olivier (Cerbos)
Rafael Szuminski
06/18/2023, 3:26 PMAlex Olivier (Cerbos)
Alex Olivier (Cerbos)
---
server:
httpListenAddr: ":3592"
grpcListenAddr: ":3593"
cors: # CORS defines the CORS configuration for the server.
allowedHeaders: ['content-type', 'user-agent'] # AllowedHeaders is the contents of the allowed-headers header.
allowedOrigins: ['*'] # AllowedOrigins is the contents of the allowed-origins header.
disabled: false # Disabled sets whether CORS is disabled.
maxAge: 10s # MaxAge is the max age of the CORS preflight check.
engine:
defaultPolicyVersion: "default"
auxData:
jwt:
disableVerification: true
storage:
driver: "disk"
disk:
directory: "/policies"
watchForChanges: true
Alex Olivier (Cerbos)
cors
key should be under the server
object and user-agent
also needs to be in the allowedHeaders
listRafael Szuminski
06/19/2023, 12:45 AM