All integrations
DigitalOcean
Deployment

Deploy Cerbos on DigitalOcean

Run the Cerbos PDP on DigitalOcean using App Platform, Droplets, or Kubernetes clusters.

Multiple deployment options

Multiple deployment options

Run Cerbos as a container on App Platform, a binary on Droplets, or within a DigitalOcean Managed Kubernetes cluster

App Platform support

App Platform support

Deploy the Cerbos container image directly to App Platform for managed scaling and networking

Stateless scaling

Stateless scaling

Scale Cerbos horizontally across Droplets or pods with no coordination between instances

What is Cerbos?

Cerbos is an open-source authorization layer that decouples access control from your application code. It runs as a stateless Policy Decision Point (PDP) that evaluates fine-grained policies at request time.

Authorization policies are written in human-readable YAML supporting RBAC, ABAC, and conditional rules. They can be updated, tested, and deployed independently of your application.

Deploying Cerbos via DigitalOcean gives you a production-ready authorization service that scales horizontally and fits naturally into your existing infrastructure and observability stack.

Policy-as-codeHuman-readable YAML policies managed like source codeScalable PDPStateless policy decision point with sub-millisecond latencyCentralized managementManage, test, and deploy policies from a single control plane

How to deploy Cerbos on DigitalOcean

  1. Choose a deployment target, Select App Platform for managed containers, a Droplet for VM-based deployment, or Managed Kubernetes for orchestrated workloads.
  2. Deploy Cerbos, Use the official container image or download the static binary depending on your chosen deployment target.
  3. Configure policy loading, Point Cerbos at a local policy directory, Git repository, or Cerbos Hub for policy storage.
  4. Connect your application, Use a Cerbos SDK to send authorization checks to the running PDP.

FAQ

How do I deploy Cerbos on DigitalOcean?

Deploy the official Cerbos container image to DigitalOcean App Platform, run the binary on a Droplet, or deploy to a DigitalOcean Managed Kubernetes cluster. Configure your policy source and expose the HTTP and gRPC ports.

Does Cerbos require any external dependencies?

No. Cerbos is self-contained with no database or message queue required. Policies load from the filesystem, a Git repository, or Cerbos Hub.

Which DigitalOcean service should I use for Cerbos?

App Platform is the simplest option for container deployments. Droplets give full VM control. Managed Kubernetes works well if you already run a cluster for other services.

Learn more about Cerbos

How Cerbos worksCerbos PDPCerbos HubWebinars and ebooksFeatures & use casesSuccess stories

Related integrations

View all integrations →
Amazon EC2
Amazon EC2Standalone binary or container PDP on EC2 with full instance control
Deployment
Amazon ECS
Amazon Elastic Container ServiceStateless PDP container running as an ECS task or Fargate sidecar
Deployment
Amazon EKS
Amazon Elastic Kubernetes ServiceHelm-managed Cerbos on EKS with IRSA and Fargate support
Deployment
Amazon Elastic Beanstalk
Amazon Elastic BeanstalkMulti-container Cerbos sidecar that auto-scales with Beanstalk instances
Deployment
Amazon Lambda
AWS LambdaEmbedded in-process PDP for serverless authorization with no network hop
Deployment
AKS
Azure Kubernetes ServiceCerbos on AKS with workload identity and Helm-based lifecycle management
Deployment

Cerbos + DigitalOcean

  • Cerbos runs alongside your workloads in DigitalOcean
  • No external databases or message queues required
  • Built-in metrics, distributed tracing, and structured logging
  • Stateless PDP instances scale horizontally
Book a free policy workshopTry the Playground