Hi there, I have what's hopefully a quick confirmation about Cerbos PDP and its CLI - Is the

cerbos compile

command only for running the test suite against the policy repo? The name makes me think it will output some sort of compiled artifact that the PDP would use, but I don't see anything - is the expectation for a CI setup with Cerbos PDP that you just distribute out all the policy yaml files as is to your PDP instances and trigger a store reload via the admin API?

Hi Jacob, > Is the

cerbos compile

command only for running the test suite against the policy repo? Yes, to validate policies and to run tests. Cerbos engine operates on compiled policies, but this command does not produce the compiled output. > is the expectation for a CI setup with Cerbos PDP that you just distribute out all the policy yaml files as is to your PDP instances and trigger a store reload via the admin API Some Cerbos users do that, but each PDP has to be hit separately if there are multiple PDPs. Another way is to rely on the store’s

updatePollInterval

, so each PDP’s store is reloaded automatically. The third way is to skip building your own CI setup and use Cerbos Hub, which simultaneously distributes precompiled policies to all PDPs.

Thank you very much, that answered my questions!