|
|
|
|
|
|
by emreb
1570 days ago
|
|
|
Disclaimer, I am a founder of Cerbos. At Cerbos, rather than writing policies in Rego, you can write them in a much simpler YAML/JSON (much more like AWS IAM) (a bit late to the party) Hi Fabian,
At Cerbos we had to handle this issue as well and wrote a blog post about [1] how we can convert a policy into a generic AST that you can use in your data filtering logic on your data storage. This way you can empower your data storage queries to only fetch the relevant records. To showcase how this works, we have released a Prisma ORM plugin [2] that converts our AST to Prisma filters - you can see a demo on Prisma’s YouTube channel[3] [1]: https://cerbos.dev/blog/filtering-data-using-authorization-l... [2]: https://cerbos.dev/blog/fully-featured-authorization-for-you... [3]: https://youtu.be/lqiGj02WVqo?t=3616 |
|
|