cedar_loader
Module: cedar_loader
Section titled “Module: cedar_loader”Contents
Section titled “Contents”Structs
CedarPolicyStore- Thread-safe Cedar policy store with hot-reload support.CedarPolicyStoreWatcher- Owns the file watcher and reload task for a [CedarPolicyStore].
firma_authority::cedar_loader::CedarPolicyStore
Section titled “firma_authority::cedar_loader::CedarPolicyStore”Struct
Thread-safe Cedar policy store with hot-reload support.
All policy state (PolicySet, Schema, PolicyBundle) is held under a
single RwLock so that reload() updates are atomic — no reader ever
sees a new policy set paired with a stale schema or bundle.
Methods:
fn load(policy_dir: &Path, schema_path: Option<PathBuf>, bundle_ttl_seconds: u32) -> Result<Self>- Load policies frompolicy_dirand construct the store.fn policy_set(self: &Self) -> Arc<PolicySet>- Get a snapshot of the current policy set for evaluation.fn schema(self: &Self) -> Arc<Schema>- Get the current schema snapshot for evaluation.fn bundle(self: &Self) -> PolicyBundle- Get the current policy bundle for distribution to sidecars.fn watch(self: Self) -> Result<CedarPolicyStoreWatcher>- Watch the policy directory for changes and reload automatically.
Trait Implementations:
- Clone
fn clone(self: &Self) -> CedarPolicyStore
firma_authority::cedar_loader::CedarPolicyStoreWatcher
Section titled “firma_authority::cedar_loader::CedarPolicyStoreWatcher”Struct
Owns the file watcher and reload task for a [CedarPolicyStore].
Dropping this handle stops the file watch and the reload task.
Methods:
fn subscribe(self: &Self) -> watch::Receiver<PolicyBundle>- Subscribe to policy bundle updates. Returns the current bundlefn abort(self: &Self)- Abort the background reload task immediately.
Trait Implementations:
- Deref
fn deref(self: &Self) -> &<Self as >::Target