Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage.

Cerbos Community

Hi guys, I know that in principal policies the `principal` refers to the `id` of the user, is there a way to make a general principal policy for a specific role?
my use case is I have an `admin` role that has all permissions and I don't want to repeat for example
```    - actions: ["*"]
      effect: EFFECT_ALLOW
      roles:
        - admin```
for each policy that I have

It's not possible to create a principal policy for a role. I understand that it's a bit repetitive to add the admin rule to every policy but it makes it easy to understand and reason about all the rules that apply to a particular resource without any surprises.

If there's lots of repetition in your policies, you could use a templating system like ytt to generate your policies from a set of templates.