• Jesum Yip

    Jesum Yip

    8 months ago
    There seems to be something wrong with https://download.cerbos.dev/helm-charts
    Jesum Yip
    1 replies
    Copy to Clipboard
  • Jesum Yip

    Jesum Yip

    8 months ago
    is there a way to write time-based cerbos policies? like manager from branch A is only allowed access to branch A data between 9am to 5pm from Mondays to Fridays, or engineer in department C can only access archive data for the next 3 hours?
    Jesum Yip
    Dennis (Cerbos)
    4 replies
    Copy to Clipboard
  • Yong Cheng Toh

    Yong Cheng Toh

    8 months ago
    [help needed: nested principals] hey there Cerbos community, it’d be great if you can help me with the following scenario: • I have a
    BUSINESS
    principal, which has 2 other principals nested under it:
    API_KEY
    and
    USER
    . • How can I use Cerbos to map the constraints such that: ◦ A
    USER
    will be constrained by it’s
    BUSINESS
    ’s policies? For example: ▪︎ The
    BUSINESS
    is banned from accessing Product A ▪︎ The
    USER
    that belongs to this
    BUSINESS
    should also be banned from accessing Product A
    Yong Cheng Toh
    Dennis (Cerbos)
    +2
    10 replies
    Copy to Clipboard
  • Jesum Yip

    Jesum Yip

    7 months ago
    i have a situation where i would like to have a base set of policies, but a customer coming to my platform can choose to customize their policy set. in areas where they do not customize, i would like it to default to rules from the base set of policies. is hierarchies the only way to achieve this? or is this concept just a bad idea when working with ABAC (because it seems like a concept that sits better with RBAC)?
    Jesum Yip
    Charith (Cerbos)
    5 replies
    Copy to Clipboard
  • Jesum Yip

    Jesum Yip

    7 months ago
    hmmmmm i don't know if this is a question to be posted here but based on https://github.com/google/cel-spec/blob/master/doc/langdef.md i can see CEL supports regular expressions through the "matches" symbol.
    Jesum Yip
    Dennis (Cerbos)
    44 replies
    Copy to Clipboard
  • Jesum Yip

    Jesum Yip

    7 months ago
    Can this be a derivedrole?
    Jesum Yip
    Charith (Cerbos)
    7 replies
    Copy to Clipboard
  • Muhammad Awais Ullah

    Muhammad Awais Ullah

    7 months ago
    Hi <!channel>
    Muhammad Awais Ullah
    1 replies
    Copy to Clipboard
  • Muhammad Awais Ullah

    Muhammad Awais Ullah

    7 months ago
    Hi @channel. I need to use storage drive postgres. I don’t see any code sample in docs. My understanding is choosing this storage option replace the policy definition process instead of yaml file the policy would be stored in database. Can someone share more details any working sample for database approach.
    Muhammad Awais Ullah
    Dennis (Cerbos)
    +1
    19 replies
    Copy to Clipboard
  • m

    Majid

    7 months ago
    is there, at present, a way to delete a policy when using the postgres backend? i don’t see a delete endpoint for policies in the admin api docs, and the schema doesn’t permit me to persist a policy with empty actions or rules. based on that it would seem my only options are persisting a single action/rule that intentionally does nothing, or deleting from the db manually, neither of which seem like great options
    m
    Charith (Cerbos)
    2 replies
    Copy to Clipboard
  • Chitvesh Dutta

    Chitvesh Dutta

    7 months ago
    Is there a way to define/honour user hierarchy? Example: User1 is manager of User2 thus is able to see the records owned by User2.
    Chitvesh Dutta
    1 replies
    Copy to Clipboard