Open mbortolazzo opened 4 months ago
orweis
commented
4 months ago For other viewers this is a question more about Permit.io than OPAL but the shared Rego code can be used in both.
Hi @mbortolazzo - yes of course. Check out this demo - docs.permit.io/modeling/rebac-GHC, it uses the custom folder created in Gitops to load this custom Rego which imports the generated Rego code, and adds an ABAC policy on top to enforce time based access boundries.
mbortolazzo
commented
4 months ago Hi @orweis, that's how it looks. I mean, here is an example of what it looks like. I am trying to understand if we can replace our custom CLI and YML files with Rego
orweis
commented
4 months ago Hi @orweis, that's how it looks. I mean, here is an example of what it looks like. I am trying to understand if we can replace our custom CLI and YML files with Rego
I think there's maybe a missing attachment here ?
mbortolazzo
commented
4 months ago No, my English was just missing. What I was trying to say is that the link shows how to enable GitOps. What I am interested in is how a ReBAC project looks in Rego. As we need to chose if to use Rego or set up our system with a custom CLI and HTTP call to Permit.io
gemanor
commented
4 months ago We have here an example of a custom policy that includes the generated ReBAC policy - https://github.com/permitio/ghc-demo-policy You can read more on the modeling of this repository here - https://www.permit.io/blog/building-healthcare-authorization-nextjs and here - https://docs.permit.io/modeling/rebac-GHC
Hi,
I wonder if we can use GitOps with ReBAC and if we can have an example.
Cheers