Just have a few questions about Cerbos. I integrated CASL, an ABAC library, and Cerbos seems quite similar. The main difference I am seeing, based on the Cerbos docs, is that Cerbos Policies are inherently queried over a network API, whereas CASL does not assume (or come with) any such network API. Is that roughly correct?
10/30/2023, 8:57 AM
Well, Cerbos is deployed as a service or sidecar into your environment with GitOps managed policies. That gives you language-agnostic, centralised policy management (quite handy in polyglot microservice environments), authorization rule change rollout without requiring application restarts and comprehensive audit logs -- just to name a few advantages over other solutions (IMHO).