Hello all, Getting an incorrect response from `/a...
# help
Hello all, Getting an incorrect response from
API. In the policy, we defined the
role CDO
can access resource
with the action
read and edit
. But when we validate the request using
API, sometimes we get "EFFECT_ALLOW" and sometimes we get "EFFECT_DENY". I've given the setup, configuration, and screenshot below. Kindly help me to resolve this issue. Deployed cerbos on lambda - API Gateway URL cerbos-config:
Copy code
    disableVerification: true
    enabled: true
      username: <USER_NAME>
      passwordHash: <PASSWORD>
  playgroundEnabled: true
  driver: "mysql"
    dsn: "user:password@tcp(host:3306)/db_name"
1. How often do you get EFFECT_DENY? 2. Do you see anything interesting in the log when you get EFFECT_DENY? I ran a few tests using the above endpoint. I sent 500+ requests in total and got EFFECT_ALLOW every time… except one. I don’t know what the response was. It might be EFFECT_DENY or an error. I added more error handling to my script, but no luck - it is always EFFECT_ALLOW since then. I refrained from sending too many requests to the endpoint minding your cloud cost.
We are also unable to reproduce the same error. Maybe some response cache issue or something else. However we have moved to Production and awaiting for similar reportings from the users or the logs. It has been 2 days and no issues so far. Will keep tracking this in our product.