Hi Vishal,
If your use case is filtering data based on authorisation logic. Cerbos has a concept called a
query planner that makes filtering by authorization logic much easier and more efficient than iterating over a list of items and checking each one. There are some blog posts on our site about that (
https://cerbos.dev/blog/filtering-data-using-authorization-logic), and there are example query plan adapters available for some popular frameworks as well (
https://github.com/cerbos/query-plan-adapters)
Performance depends on many factors. Can you please share more details?
Does a record correspond to a single resource? Cerbos API request can include a batch of 50 resources with up to 50 actions to be checked for each resource. How many resources and actions do you check per request? How many policies do you have? What’s your deployment model?
Cerbos docker image is “distroless” and contains no shell.