Permit OSS as fallback
While Permit is not an open-core company, many of its underlying components are OSS based. These allow for easier fallback option in migrating from Permit, reducing vendor lock-in , and tech stack mixins. Yes, you are reading right - we are actually explaining how to move away from Permit, if you choose to - we do hope you choose to stay with us of course-- but we want you to have all the choices.
Permit OSS foundations
The following is a list of key OSS items in Permit
- OPAL is a key component in Permit's control-plane - it is what allows Permit to manage PDPs at scale with a zero-trust, real-time, event driven fashion.
- OPA is a first class citizen decision-engine option powering Permit's PDPs
- Cedar-agent is a first class citizen decision-engine option powering Permit's PDPs
- The Permit SDKs - SDKs per language enabling API usage and wrapping calls from code to the policy-engines
Fallback Concept Guide
To migrate from Permit to a self made standalone solution one can follow the following steps:
- Use Permit's Gitops feature to sync all of the policies generated by Permit's policy-editor backend into a git repository - you now have code ready to run on your policy engine of choice which you can freely edit.
- Setup your own control plane based on OPAL to act as a replacement to Permit's control plane
- Setup PDP container images with OPAL-client and your policy-engine of choice
- Create your own SDK, or use Permit's SDKs in a passthrough mode - talking directly to the policy engines within the PDPs
- (Extra) Build back-office / customer facing interfaces you need to consume on-top, as API or UI - to provide management