strands.vended_interventions.cedar.cedar_authorization
Cedar authorization intervention handler.
TypeAndId
A Cedar entity identifier with 'type' and 'id' keys.
PrincipalResolver
Resolves a principal from invocation_state. Return None to deny (fail-closed).
ContextEnricher
Injects extra fields into context.session. Receives {'tool_name', 'tool_input', 'invocation_state'}.
CedarAuthorization
class CedarAuthorization(InterventionHandler)
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:71
Cedar authorization intervention handler.
Evaluates Cedar policies before each tool call. Each tool maps to a Cedar action,
with context structured as {input: <tool_args>, session: {hour_utc, call_count, ...}}.
Call counts are persisted to agent.state under the key "cedar-authorization"
so they survive handler recreation and are included in session snapshots.
.. note:: Each handler instance is scoped to a single agent. Sharing one instance across multiple agents will cause rate-limit counts to leak between them.
Example::

    cedar = CedarAuthorization(
        policies='permit(principal, action == Action::"search", resource);'
    )
    agent = Agent(interventions=[cedar], tools=[search_tool])
on_error
@property
def on_error() -> OnError
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:95
What to do when this handler throws.
__init__
def __init__(
    *,
    policies: str,
    tools: list[ToolDefinition] | None = None,
    entities: list[dict[str, Any]] | str | None = None,
    schema: str | None = None,
    principal: TypeAndId | None = None,
    principal_resolver: PrincipalResolver | None = None,
    context_enricher: ContextEnricher | None = None,
    on_error: OnError = "throw",
) -> None
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:99
Initialize the Cedar authorization handler.
Arguments:
policies - Inline Cedar policy text or path to a .cedar file.
tools - MCP tool definitions for auto schema generation.
entities - Entity data as inline list, JSON string, or path to .json file.
schema - Cedar schema as inline text or path to .cedarschema file.
principal - Static principal identity.
principal_resolver - Dynamic principal resolver from invocation_state.
context_enricher - Callback to inject extra fields into context.session.
on_error - Error handling mode for user callback exceptions.
before_tool_call
def before_tool_call(event: BeforeToolCallEvent, **kwargs: Any) -> Proceed | Deny
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:155
Evaluate Cedar policy before tool execution.
reload
def reload() -> None
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:230
Reload policies/entities/schema from disk. Validates before committing.
reset_call_counts
def reset_call_counts(agent: Agent | None = None) -> None
Defined in: src/strands/vended_interventions/cedar/cedar_authorization.py:250
Clear all rate-limit call counters.
Arguments:
agent - If provided, also clears persisted counts from agent.state.