Hi, Imagine a SaaS with many tenants and each tenant...
# community
i
Hi, Imagine a SaaS with many tenants, where each tenant has its own policies and can create new ones or change them. In a short time the number of policies grows quickly (hundreds and more). How can I conveniently manage/view all these policies? I'm afraid it's easy to make a mistake that negatively impacts security. Sure, tests are a solution, but only when the rules are already known. In this case the application starts without any policies and they are built during use. Any advice? Thank you.
c
Hi. Cerbos is an API-first product, so just as you'd use the Admin API to dynamically create/update policies, you can use it to view the policies as well. The `cerbosctl` CLI can also be used for that purpose. If you need more advanced things, it's probably best to schedule a call with us so that we can understand your requirements and give you some personalised advice. In terms of preventing logic errors introduced by users authoring policies, that's a tough problem. That's one of the reasons why we advocate the GitOps model for most users, because that could at least catch some of those bugs. Presumably, in a SaaS setting, you don't want to go through that manual review process. Cerbos tools can help you catch syntax errors and bad data but, as you can probably appreciate, it's nearly impossible for any tool to prevent someone from creating a logic error. Cerbos scoped policies can give you some guard rails by providing a base set of rules you can enforce on your resources. You could also use tests to ensure that your absolute invariants don't change. Other than that, the only other thing I can think of is having a custom UI that restricts what kind of rules users could construct (e.g. `write` permission can only be applied to resources X, Y and Z). Hope that helps.
i
Thanks Carith. I agree with your point of view. We have to investigate to find the right balance between flexibility and maintainability. I was wondering how the companies Olivier talked about in his video (https://www.youtube.com/watch?v=K0oIGrYYuck) manage policies, such as the blockchain one or the telecom company.
c
We do have users who chose to go the full dynamic route and some others who prefer the GitOps model. I can't talk about the specifics of a particular company. But, maybe when @Alex Olivier (Cerbos) is back from his Xmas break, he'll be happy to talk in general terms about how our users manage their policies.