
Zero Trust authorization for AI agents with Aperture by Tailscale

Enforce fine-grained, identity-aware authorization on AI agent tool calls routed through Aperture by Tailscale using Cerbos.

Identity-aware authorization

Tailscale attaches identity to every connection. Cerbos uses that identity to enforce fine-grained tool-call authorization per user and role.

Visibility and control

Aperture shows which agents are running and what they invoke. Cerbos determines whether each action is allowed based on policy.

No code changes

Policies are enforced at the gateway, independent of agent code. Update permissions without redeploying your agents.

How Cerbos works with Aperture by Tailscale

AI agents and tools introduce a new class of authorization challenges. They act on behalf of users, access sensitive data, and chain operations, all of which need fine-grained access control.

Cerbos provides policy-driven authorization that controls what AI systems can do, which data they can access, and on whose behalf. Policies are written in human-readable YAML and evaluated at request time.

With Cerbos and Aperture by Tailscale, you get guardrails that scale with your AI adoption, centrally managed policies, full audit trails, and sub-millisecond decision times that don't slow down agent workflows.

How Cerbos authorizes agents through Aperture

  1. Agent connects via Aperture. The AI agent's traffic is routed through Aperture by Tailscale, which attaches the user's identity to the connection.
  2. Tool call triggers an authorization check. Before a tool call proceeds, the request is sent to the Cerbos PDP with the user context, the tool being invoked, and the target resource.
  3. Cerbos evaluates policies. The PDP applies fine-grained rules based on identity, role, and environment. Decisions are deterministic and auditable.
  4. Allow or deny, with a full audit trail. Cerbos returns a decision, and every tool call is logged with the principal, action, resource, and result.
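The following is an added example, not Cerbos's or Tailscale's own code, of what the policy behind steps 2 and 3 can look like. It uses Cerbos's documented resource-policy and test-suite YAML formats, but everything about the data model is assumed: that the gateway presents each tool call to the PDP as a resource of kind `tool` with the action `invoke`, that it carries the tool's `readOnly`, `destructive` and `environment` attributes, and that the principal built from the Tailscale identity carries the roles `analyst` or `admin` and an `mfa` attribute. Tool ids such as `search_docs` and `run_sql` are invented for illustration. Cerbos denies by default, so an `invoke` that matches no allow rule is refused, and an `EFFECT_DENY` rule always wins over an allow.

```yaml
# policies/tool.yaml  (hypothetical policy for tool calls routed through the gateway)
apiVersion: api.cerbos.dev/v1
resourcePolicy:
  version: "default"
  resource: "tool"            # assumed: the resource kind the gateway sends for every tool call
  rules:
    # Admins may invoke any tool in any environment (subject to the deny rule below).
    - actions: ["invoke"]
      effect: EFFECT_ALLOW
      roles: ["admin"]

    # Analysts may only invoke read-only tools, and never against production.
    - actions: ["invoke"]
      effect: EFFECT_ALLOW
      roles: ["analyst"]
      condition:
        match:
          all:
            of:
              - expr: R.attr.readOnly == true
              - expr: R.attr.environment != "production"

    # Destructive tools require a principal that has completed MFA, whatever their role.
    # has() guards against a principal that carries no mfa attribute at all.
    - actions: ["invoke"]
      effect: EFFECT_DENY
      roles: ["*"]
      condition:
        match:
          expr: R.attr.destructive == true && (!has(P.attr.mfa) || P.attr.mfa != true)
---
# tests/tool_test.yaml  (Cerbos test suite; run offline with: cerbos compile --tests=tests policies)
name: ToolInvocationTests
principals:
  alice_analyst:          # constructed principal, as the gateway would build it from the connection identity
    id: alice
    roles: ["analyst"]
    attr:
      mfa: true
  bob_admin:
    id: bob
    roles: ["admin"]
    attr:
      mfa: false
resources:
  search_staging:         # constructed tool descriptors
    kind: tool
    id: search_docs
    attr:
      readOnly: true
      destructive: false
      environment: staging
  search_prod:
    kind: tool
    id: search_docs
    attr:
      readOnly: true
      destructive: false
      environment: production
  run_sql_prod:
    kind: tool
    id: run_sql
    attr:
      readOnly: false
      destructive: true
      environment: production
tests:
  - name: Analysts may use read-only tools outside production only
    input:
      principals: [alice_analyst]
      resources: [search_staging, search_prod]
      actions: [invoke]
    expected:
      - principal: alice_analyst
        resource: search_staging
        actions:
          invoke: EFFECT_ALLOW
      - principal: alice_analyst
        resource: search_prod
        actions:
          invoke: EFFECT_DENY
  - name: Admins need MFA before invoking destructive tools
    input:
      principals: [bob_admin]
      resources: [run_sql_prod, search_prod]
      actions: [invoke]
    expected:
      - principal: bob_admin
        resource: run_sql_prod
        actions:
          invoke: EFFECT_DENY
      - principal: bob_admin
        resource: search_prod
        actions:
          invoke: EFFECT_ALLOW
```

The two documents belong in separate files as the comments indicate; they are shown together here only for reading. Running the suite with `cerbos compile` exercises the policy against the constructed principals and tools without a running PDP or gateway, which is the check worth adding to CI so that a policy change cannot silently widen what an agent may invoke. At request time the gateway would send the same principal and resource shapes to the PDP's CheckResources API and act on the per-action `EFFECT_ALLOW` or `EFFECT_DENY` it returns.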

FAQ

How does Cerbos work with Aperture by Tailscale?

Aperture routes AI agent traffic over your Tailscale network with identity attached to every connection. Cerbos evaluates fine-grained policies at every tool call to decide what each agent can do, based on the identity, role, and context provided by Tailscale.

Can I control which tools each agent can use?

Yes. Cerbos policies are attribute-based, so you can restrict tool access by user, role, department, or any other context. Policies are written in YAML and managed outside your application code.

Does this provide an audit trail for agent actions?

Yes. Aperture tracks which agents are running and which tools they invoke. Cerbos logs every authorization decision with full context, giving you a complete audit trail of what was allowed, denied, and why.

Cerbos + Aperture by Tailscale

  • Cerbos policies govern AI agent tool access and data visibility
  • Full audit trail for every AI tool call and data access
  • Per-user permissions enforced across autonomous agent workflows
  • Sub-millisecond policy evaluation with no agent pipeline overhead

What is Cerbos?

Cerbos is end-to-end enterprise authorization software for Zero Trust environments and AI-powered systems. It enforces fine-grained, contextual, and continuous authorization across apps, APIs, AI agents, MCP servers, services, and workloads.

Cerbos consists of an open-source Policy Decision Point, Enforcement Point integrations, and a centrally managed Policy Administration Plane (Cerbos Hub) that coordinates unified policy-based authorization across your architecture. Enforce least privilege & maintain full visibility into access decisions with Cerbos authorization.