New to cerbos, How to check for permissions when listing resources?

Hey, 1. Use the query planner API to produce your policies’ abstract syntax tree (AST) for the particular principal and the desired action. 2. Use an existing adapter or create a new one to convert an AST to SQL. 3. Check the tutorial for Prisma/SQLAlchemy ORMs examples.

what if I am using dynamodb?

Unfortunately, we don’t have an adapter for dynamodb. I believe the closest one is an adapter for Mongoose (mongodb ORM): https://github.com/cerbos/query-plan-adapters/tree/main/mongoose.

is it possible to build aws like IAM where we can allow users to create policies.

The Admin API has an endpoint for adding/updating policies so your application can achieve that for your users. This endpoint requires a mutable storage driver (a database).

so we can have each customer IAM like aws with this? will be able to create tenant accounts?

Yes, to both questions. The scoped policies are typically used in the multi-tenant scenario. You can book a free workshop to get help with modelling your application requirements.

awesome, registered for free workship