i have a situation where i would like to have a ba...
# helpj
Jesum Yip
02/03/2022, 6:41 AMi have a situation where i would like to have a base set of policies, but a customer coming to my platform can choose to customize their policy set. in areas where they do not customize, i would like it to default to rules from the base set of policies. is hierarchies the only way to achieve this? or is this concept just a bad idea when working with ABAC (because it seems like a concept that sits better with RBAC)?
Jesum Yip
02/03/2022, 6:42 AMi do not need self-service customization yet (although business has sort of asked for that). for now, i can imagine hand-writing YAML files for policies. so this doesn't have to be self-serviced by the end users. they submit a change request, someone can write the YAML for them. but the core concept of policy inheritance is what i'm looking for
c
Charith (Cerbos)
02/03/2022, 9:30 AM
Hi Jesum. Yes, we understand that this is something people would like to do and we have been working on it. We are still not 100% comfortable with releasing it to the public because it needs more testing. If you are happy to be an alpha tester, I'll get back to you very soon with details of how you could try it out.
j
Jesum Yip
02/03/2022, 10:09 PMHi Charith. Please send me information on how to be an alpha tester.
c
Charith (Cerbos)
02/04/2022, 7:46 AM
Great! I'll let you know when it's ready for testing.
💯 1
Charith (Cerbos)
02/23/2022, 4:51 PM
Hi Jessum, hope we didn't keep you waiting for too long. We released the first iteration of this (called scoped policies) today with Cerbos 0.13.0. https://docs.cerbos.dev/cerbos/latest/policies/scoped_policies.html. Please have a look and we'll appreciate any feedback you have.
5 Views