1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
I would suggest having two entity types:
- User (memberOfTypes: Group)
- Group
Then you would have two policies granting the same access:
permit(principal == User::"MyUserForTesting", ...)
permit(principal in Group::"A", ...)
You could try to consolidate it into a single policy by adding 'groups' and 'userId' attribute on user but I think it will hurt policy readability.
répondu il y a 4 mois
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 3 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
Great, thank you. I got it working.