etc/authzd/policy0.cedar


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

permit (
  principal,
  action == Action::"check",
  resource
)
when { context has bearer_token && context.bearer_token == "valid-token" };

permit (principal, action, resource)
when
{
  context has path &&
  context has method &&
  (context.method == "GET" || context.method == "HEAD") &&
  (context.path like "*.css" ||
   context.path like "*.js" ||
   context.path like "*.ico" ||
   context.path like "*.png" ||
   context.path like "*.jpg" ||
   context.path like "*.jpeg" ||
   context.path like "*.gif" ||
   context.path like "*.bmp" ||
   context.path like "*.html")
};