• Emre (Cerbos)

    Emre (Cerbos)

    1 month ago
    Welcome @Jesús Alberto Abreu. How can we help you? What is your use case?
    Emre (Cerbos)
    j
    14 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi, I am trying to use scopes in a golang project. After defining the policies with scope. I don't see how I can set the scope on the resource I am validating, e.g. when you call the IsAllowed method of the PrincipalContext, how does it know what scope to start from?
    v
    Alex Olivier (Cerbos)
    +1
    8 replies
    Copy to Clipboard
  • s

    sdktr

    1 month ago
    👋! After reading the (very clear) docs I have a question: Could Cerbos answer the question: ‘to which tenants does this user have access?’. Our use case is a GQL frontend gateway that talks to unopiniated grpc backend microservices. We are exploring the pattern of having the external client sending an unfiltered request (/devices, without specifying tenantIDs) to the gateway. This GW should then enforce RBAC and make a filtered request to the /devices backend, containing only the tenants this user has access to.
    s
    Charith (Cerbos)
    5 replies
    Copy to Clipboard
  • s

    sdktr

    1 month ago
    2nd question: any hints on the concept of ‘Priviliged Access Managament’ or ‘Just In Time’ access, in relation to cebos. Do your users have these time based concepts implemented by means of a conditonal time based derivedpolicy? So when requesting ‘temporary access’ to manage a resource, a acompanying temporary policy has to be added via Admin API?
    s
    Alex Olivier (Cerbos)
    3 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi @Alex Olivier (Cerbos) are there any performance benchmarks for Cerbos?
    v
    Alex Olivier (Cerbos)
    2 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi, for principal policies, the documentation says that wildcard for a resource is supported, but if I use wildcard "*" for a resource it is rejected.
    v
    Alex Olivier (Cerbos)
    +1
    6 replies
    Copy to Clipboard
  • Emre (Cerbos)

    Emre (Cerbos)

    1 month ago
    Hello @Rounak Datta 👋 How can we be of help? What is your use case?
    Emre (Cerbos)
    r
    4 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi, in the playground, How do I add scope to a resource in the right panel?
    v
    Alex Olivier (Cerbos)
    5 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi, when talking directly to the Cerbos gRPC service, how do I represent the attributes for a principal and for a resource in JSON? I need this for testing the gRPC in Postman and K6. Trying to do similar to this example in the playground https://play.cerbos.dev/p/LXjgi62fb63c1QypYuZhsyRK3cTMcRx5 This is what I have but it does not work.
    {
    "requestId": "123123",
    "version": "default",
    "principal": {
    "id": "<mailto:email@email.com|email@email.com>",
    "roles": [
    "user"
    ],
    "attr": [
    {
    "key":"salesreps",
    "value": {
    "kind": {
    "listValue": ["1","2"]
    }
    }
    }
    ]
    },
    "resources": [
    {
    "resource": {
    "kind": "customer",
    "version": "default",
    "id": "12345",
    "scope": "teamb",
    "attr": [
    {
    "key":"salesrep",
    "value": {
    "kind": {
    "stringValue": "2"
    }
    }
    }
    ]
    },
    "actions": ["VIEW"]
    }
    ]
    }
    v
    Alex Olivier (Cerbos)
    7 replies
    Copy to Clipboard
  • v

    Viet Au

    1 month ago
    Hi, are the "Cerbos Query Plan helpers" production ready and something we can use?
    v
    Charith (Cerbos)
    2 replies
    Copy to Clipboard