“What I appreciate the most about Cedar is the deep knowledge that is encoded into why it works the way it works.”
AWS built Cedar as an authorization policy language. Now it’s going vendor-neutral through CNCF. The selling point is formal verification using Lean theorem prover. You can prove your security policies behave correctly before deploying them. That’s a real upgrade over “we think it works.” Decoupling authorization from application code means you can update permissions without redeploying. One of the rare cases where enterprise tooling might actually make security easier instead of just more bureaucratic.