Expand description
Enterprise policy engine for centralized authorization management.
Ties together Cedar policy evaluation, Ed25519 signature verification, HTTP policy fetching, local caching, and audit logging into a unified PolicyEngine that integrates with the sandbox lifecycle.
Re-exports§
pub use audit::PolicyAuditLogger;pub use audit::PolicyDecisionLog;pub use cache::OfflineMode;pub use cache::PolicyCache;pub use cedar::Action;pub use cedar::CedarEngine;pub use cedar::PolicyDecision;pub use cedar::PolicyEffect;pub use cedar::Principal;pub use cedar::Resource;pub use cedar::validate_cedar_syntax;pub use client::PolicyClient;pub use signing::PolicyBundle;pub use signing::TrustAnchor;pub use signing::verify_bundle;
Modules§
- audit
- Policy decision audit logging in OCSF-compatible JSONL format.
- cache
- Local policy cache for offline operation.
- cedar
- Cedar policy evaluation engine for enterprise authorization.
- client
- HTTP client for fetching policy bundles from the enterprise policy server.
- signing
- Ed25519 cryptographic signing and verification for policy bundles.
- streaming
- Audit log streaming for enterprise policy decisions.
- tenant
- Multi-tenant organization and team hierarchy for enterprise policy management.
Structs§
- Policy
Engine - The unified policy engine that coordinates all enterprise policy components.