It started as an observation. Navan was reviewing Cedar policies for Leash—the rules that governed what agents could and couldn't do, what files they could touch, what network connections they could make—and he stopped typing mid-sentence. He tilted his head the way he did when he was seeing something that wasn't obvious, which was often.
"Jay," he said. "Read this out loud."
Jay looked over. On Navan's screen was a Cedar policy:
permit (principal, action, resource) when { resource.trust_level > 7 };
"Permit principal, action, resource when resource trust level greater than seven," Jay read, in the flat cadence of someone parsing code.
"No, read it like a sentence. Like you're reading it to someone who doesn't know what Cedar is."
Jay tried again, slower. "Permit... the principal... to perform the action... on the resource... when the resource's trust level... is greater than seven."
"It's a sentence," Navan said. "It's a complete, grammatical, comprehensible sentence. The syntax IS the semantics. There's no gap between what it says and what it means."
Jay stared at the policy. He was used to reading code as code. He had never read a policy statement as prose. But Navan was right. Cedar policies, well-written ones, read like declarations. Like laws. Like poetry.
Navan started collecting them. He opened a new page in his physical notebook—number nine by this point—and began transcribing the policies he considered most beautiful. Not most complex. Not most useful. Most beautiful.
forbid (principal, action, resource) unless { principal in resource.owners };
Forbid everything unless you own it.
permit (principal, action, resource) when { action in [Action::"read", Action::"list"] && resource.classification != "secret" };
You may look at anything that isn't secret.
forbid (principal, action, resource) when { context.time.hour < 6 || context.time.hour > 22 };
Nothing happens in the dark hours.
He filled three pages. Jay found himself reading over Navan's shoulder, and then, against his better judgment, contributing. "What about the one from the agent containment policy? The one that restricts network access during assessment?"
Navan flipped to it.
forbid (principal, action, resource) when { resource.type == "network" && context.phase == "assessment" };
During the test, you are alone.
They both sat with that for a moment.
Justin walked by, saw the notebook, and read a few entries. "You're anthologizing our security policies."
"I'm curating them," Navan corrected. "There's a difference. An anthology is comprehensive. A curation is selective. I'm selecting for elegance."
"Elegance in authorization policies."
"Elegance is where you find it."
Justin nodded. He did not argue the point. He had, after all, spent months writing NLSpecs that were meant to be read by both humans and machines, documents that lived in the liminal space between prose and program. He understood, perhaps better than anyone, that the boundary between language and logic was thinner than most people believed.
Navan's collection grew. Jay started a parallel digital version. They never published it, but the notebook sat on Navan's desk, open to a page of policies that read like commandments for a world that was being invented in real time.
"During the test, you are alone." I got chills from an authorization policy. I didn't know that was possible. I need to lie down.