https://cerbos.dev logo
#community
Title
# community
a

Ali Ataf

08/21/2023, 9:02 AM
Hi guys, I know that in principal policies the
principal
refers to the
id
of the user, is there a way to make a general principal policy for a specific role? my use case is I have an
admin
role that has all permissions and I don't want to repeat for example
Copy code
- actions: ["*"]
      effect: EFFECT_ALLOW
      roles:
        - admin
for each policy that I have
c

Charith (Cerbos)

08/21/2023, 10:07 AM
It's not possible to create a principal policy for a role. I understand that it's a bit repetitive to add the admin rule to every policy but it makes it easy to understand and reason about all the rules that apply to a particular resource without any surprises. If there's lots of repetition in your policies, you could use a templating system like ytt to generate your policies from a set of templates.
a

Ali Ataf

08/21/2023, 11:17 AM
Alright thanks!
6 Views