Title
d
Dmitry Meyerson
05/15/2023, 7:06 PMhi all - thank for your help so far, if there a way to use s.think like regex to define a resource policy where derived role naming choices/convention can be leveraged - example in thread
apiVersion: api.cerbos.dev/v1
description: progA specific resources
resourcePolicy:
version: default
importDerivedRoles:
- common_roles_based_on_locale_and_groups
resource: progA
rules:
- actions:
- GET:(.+)
effect: EFFECT_ALLOW
derivedRoles:
- {capture_group}-READmaybe @Emre (Cerbos) or @Dennis (Cerbos)
( the above is non-working psuedo-code to help illustrate my question)
apiVersion: api.cerbos.dev/v1
description: progA specific resources
resourcePolicy:
version: default
importDerivedRoles:
- common_roles_based_on_locale_and_groups
resource: progA
rules:
- actions:
- GET:some_program
effect: EFFECT_ALLOW
derivedRoles:
- {some_program}-READc
Charith (Cerbos)
05/16/2023, 8:11 AMHi, please don't
@d
Dmitry Meyerson
05/16/2023, 4:01 PMok - thanks - will stop @ing