Ideas

Running a script locally with a Cedar policy is straightforward. The challenge Rex was built for is doing it remotely — across large fleets, where the team running the script doesn't necessarily own the service it runs on.

Rex solves this by decoupling scripts from policies. Teams ship and iterate on their scripts independently. Service owners maintain Cedar policies that define the rules of engagement with their systems. Neither side waits on the other. The ideas below explore how to put this into practice.

Transport + Auth

How do scripts and policies reach the host?

📡

Remote via SSM

Your on-call team needs to run diagnostics on production instances without SSH access. AWS Systems Manager (SSM) can send commands to instances without opening inbound ports.

Create an SSM document with an embedded Cedar policy that only permits reads. Operators send Rhai scripts through SSM, and the policy limits them to reading logs and listing processes. No SSH keys, no sudo, no risk of accidental writes. IAM controls who can invoke which endpoint.

🔐

Remote via PKI

You manage a fleet of on-prem servers with no AWS account. You still want policy-controlled remote execution without depending on a cloud service.

Bundle the script and policy, sign it with your PKI key, and deliver it over any API or transport protocol. The agent on the instance verifies the signature and runs Rex. Only bundles signed by your key are accepted — no cloud dependency required.

Interfaces

Who or what writes the scripts? Rex doesn't care — Cedar enforces the same sandbox regardless.

🤖

AI Agent Sandbox

You want an AI agent to help operators troubleshoot production issues, but you can't trust that it won't generate destructive commands.

The agent generates Rhai scripts from natural language and sends them through the same Rex endpoints as humans. If it hallucinates rm("/etc/passwd"), Cedar blocks it — same policy, same sandbox, regardless of who wrote the script.

>_

Interactive Shell

Your support team needs to explore a production host interactively — try commands, inspect files, follow a trail — but a pre-written script is too rigid.

Build a shell-like interface where operators type familiar commands (cat, ls, grep). Each command is translated to a Rhai script and run with Cedar enforcement. Same sandbox, interactive experience.

Pick a transport model and an interface — they compose. An AI agent sending scripts through SSM, a shell backed by PKI-signed bundles, or any other combination. Same Rex binary, same Cedar enforcement.
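The "reads only" policy from the SSM idea and the rm("/etc/passwd") block from the AI agent idea, written out as a Cedar policy set. This is an added illustration, not Rex's own policy or schema: the entity types Group, Directory and File and the action names read_file, list_processes, write_file and rm are assumed here for the example, and a real deployment would use whatever names Rex's Cedar schema defines.

```cedar
// Assumed schema for this example (not Rex's actual one):
//   principals are Users that belong to Groups,
//   resources are Files that sit under Directories,
//   actions are the Rhai functions a script may call.

// On-call operators may read any file under /var/log.
permit (
    principal in Group::"oncall",
    action == Action::"read_file",
    resource in Directory::"/var/log"
);

// On-call operators may list processes; no resource restriction needed.
permit (
    principal in Group::"oncall",
    action == Action::"list_processes",
    resource
);

// Cedar evaluates forbid before permit, so this rule wins for every
// principal: a script that calls rm("/etc/passwd") is denied whether a
// human typed it in the interactive shell or an AI agent generated it.
forbid (
    principal,
    action in [Action::"write_file", Action::"rm"],
    resource
);
```

Because Cedar is default-deny, any action not covered by a permit (for example reading /etc/shadow, which is outside /var/log) is refused even without an explicit forbid.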