Field-level controls bind security policies directly to data types, ensuring consistent protection wherever sensitive data appears.
Regardless if DateOfBirth appears in your customer database or a Kafka topic, the same privacy rules follow the data automatically.
From simple role-based rules to complex data-driven logic, express your security requirements as code that travels with your data types.
Define once, automatically enforce everywhere.
Define your policies once, and they’re automatically applied across Kafka, Lambda, databases, APIs, and more.
A simple git push updates everything consistently across your system.
Authorization for the real world
From masking PII data to enforcing team-based access across microservices - implement consistent authorization policies in minutes.
Policies are automatically applied across your databases, APIs, event streams, and caches.
policy OnlyManagers against EmployeeInfo (user : User) -> {
read {
when {
// Managers can see everything
user.groups.contains('Manager') -> EmployeeInfo
// Users can see everything except salary
user.groups.contains('User') -> EmployeeInfo as {
... except { salary }
}
// Everyone else gets an error
else -> throw((NotAuthorizedError) { message: 'Not Authorized' })
}
}
}
Got another gnarly question? We'd love to hear it. Come and chat on Slack.