Decoupling Authorization at Scale: MongoDB Atlas and Cedar-Based Resource Policies
Open Source Blog
This article explains how MongoDB Atlas adopted Cedar, an open-source authorization engine, to implement scalable resource policies for enterprise governance at scale.
- MongoDB evolved from role-based access control to Cedar-based resource policies for complex authorization needs
- Cedar separates policy logic from application code, enabling declarative, auditable infrastructure-as-code policies
- Resource policies enforce geographic restrictions, network security, configuration standards, and resource limits organization-wide
- Over 1,562 organizations have adopted Atlas Resource Policies to enforce governance without restricting developer velocity
- Cedar integration provides consistent policy semantics, real-time evaluation, and independent policy evolution from service releases
- Platform teams can now manage organizational guardrails through unified policy-as-code approach with clear error messaging
MongoDB's Cedar adoption demonstrates how SaaS providers can implement scalable, maintainable authorization governance while balancing security with developer agility.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
Jun 16
2025
2025
Introducing Cedar Analysis: Open Source Tools for Verifying Authorization Policies
Mar 22
2024
2024
Performant, Fine Grained Authorization at scale powered by Amazon DynamoDB
Nov 14
2024
2024
Introducing resource control policies (RCPs), a new type of authorization policy in AWS Organizations
May 2
2025
2025
Graph-powered authorization: Relationship based access control for access management
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.