Hey <!channel>! We wanted to share our latest blog with you, in which we explore two approaches to implementing 💡 hierarchy-based permissions in Cerbos, inspired by a real-world use case for a data analytics platform. Both methods leverage ABAC, but differ in their implementation strategy: 1️⃣ Policy-defined roles with attribute-based conditions. Defining explicit role policies for each tenant where hierarchical logic is hardcoded inside the policy. 2️⃣ Dynamic, attribute-driven generic policies. Shifting the hierarchical conditions entirely to the principal’s attributes and using a single, generic policy for interpretation. Feel free to check out the details here