The application programming interface or API is a core component of contemporary system architecture, allowing applications to be modularized and decoupled. FastAPI is a Python-based high-performance web framework for building APIs. FastAPI is easy to use with simple, clear documentation and is a favourite of tech giants such as Microsoft.
Cerbos offers an authorization service that enables organizations to define and enforce access control policies in their FastAPI applications. Implementing Cerbos with a FastAPI app can be accomplished by following these simple steps:
Cerbos binaries are available for various operating systems and architectures. For a list of all available downloads, please visit our releases page on GitHub.
Make sure you have both the Cerbos SDK and FastAPI installed. You can install the Cerbos SDK using pip, a package management system written in Python.
Once Cerbos is installed, you will need to define your access control policies. Cerbos makes this easy to do using Cerbos Policy Language. Access policies need to specify who will be granted access to which digital resources and under what conditions.
The Cerbos configuration file needs to specify the location of your access policy files and other relevant settings that will be necessary to implement your access control protocols.
With your policies defined, replace the authorization logic within your FastAPI app with a call out to a running Cerbos instance.
Now it’s time to test your Cerbos implementation by making requests to your FastAPI endpoints. If all goes according to plan, Cerbos will automatically enforce the access control policies you established.
Make sure to tailor your access policies to your specific needs and to conduct thorough testing before going live.
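The call-out step above, sketched as an added example (not code from this page or from the Cerbos project): it talks to the Cerbos HTTP API's `/api/check/resources` endpoint with the Python standard library instead of the SDK, so it runs without extra packages, and it denies whenever the decision is missing or the Cerbos instance cannot be reached. The names `CERBOS_URL`, `build_check_request`, `is_allowed` and `check`, and the principal and resource field layout passed in, are assumptions made for this illustration.

```python
import json
import urllib.request
import uuid

# Assumption: a local Cerbos instance listening on its default HTTP port.
CERBOS_URL = "http://localhost:3592"


def build_check_request(principal, resource, actions):
    """Build the JSON body for POST /api/check/resources."""
    return {
        "requestId": str(uuid.uuid4()),
        "principal": {"id": principal["id"], "roles": principal["roles"],
                      "attr": principal.get("attr", {})},
        "resources": [{
            "actions": list(actions),
            "resource": {"kind": resource["kind"], "id": resource["id"],
                         "attr": resource.get("attr", {})},
        }],
    }


def is_allowed(response, resource_id, action):
    """True only on an explicit EFFECT_ALLOW for this resource and action."""
    for result in response.get("results", []):
        if result.get("resource", {}).get("id") == resource_id:
            return result.get("actions", {}).get(action) == "EFFECT_ALLOW"
    return False  # resource absent from the response: deny


def _post(body):
    """Send the check request to the running Cerbos instance."""
    req = urllib.request.Request(
        CERBOS_URL + "/api/check/resources",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=2) as resp:
        return json.load(resp)


def check(principal, resource, action, send=_post):
    """Fail closed: any transport, decoding or shape error is a denial."""
    body = build_check_request(principal, resource, [action])
    try:
        return is_allowed(send(body), resource["id"], action)
    except (OSError, ValueError, AttributeError, TypeError):
        return False
```

In a FastAPI route, `check(...)` would be called from a dependency that raises `HTTPException(status_code=403)` when it returns `False`; the `send` parameter lets tests substitute a canned response for the network call.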
The following are just some of the benefits you’ll enjoy by integrating Cerbos with FastAPI.
Centralized policy management: With Cerbos you get a simple way to implement centralized management of your access control policies. Define and manage all your access control policies in one place and enjoy faster and easier updating and maintenance of your access control rules.
Fine-grained access: Cerbos enables you to define access control policies via attributes assigned to users, resources and contextual situations. When you integrate Cerbos with FastAPI you are able to enforce access control at the API level thereby providing greater security for key resources.
Enhanced auditing capability: When you integrate Cerbos with FastAPI RBAC you’ll gain greater control and insight into user activity. Track access control decisions, audit access requests, investigate security incidents and enhance compliance with GDPR and other data protection regulations by integrating Cerbos with FastAPI.
Greater cross-service compatibility: Both Cerbos and FastAPI are well-suited for creating microservice architectures. Cerbos is particularly well-suited to working with different APIs. When you integrate Cerbos with FastAPI you ensure more consistent access control between your various microservices while simultaneously providing greater security and data handling compliance throughout your distributed system.
Real-time access control decisions: Because Cerbos supports dynamic policy evaluation you are able to make access control decisions based on real-time context. The simplest, but hardly the only, example of this is determining whether to allow access to a specific resource based on the time of day. Cerbos’ dynamic evaluation can be easily integrated with FastAPI authorization to enhance access control.
Ease of integration: “Ease” is a relative term but not an inappropriate one in this context. FastAPI is well-known for being easy to use and extensible, while Cerbos provides a host of relevant documentation along with client libraries that will help you get started.
Multi-tenancy support: When you integrate Cerbos with FastAPI you are able to more easily enforce access rules in cases where your application serves multiple tenants or organizations. Cerbos will also allow you to develop and implement access control policies based on each tenant’s specific access requirements.