Skip to main content
Version: 2.0.0

Building an RBAC Policy

Creating an RBAC Policy is very simple within Permit. Let's run through a simple example that is defined below.


An Administrator within a company can perform all actions on documents

Creating roles

As part of the RBAC Policy, we need to create specific roles that will be assigned specific permissions. We are going to create two roles; an admin and a customer.

Creating the Admin Role within the UI

Creating Admin Role

Creating the Customer Role within the UI

Creating Customer Role

Adding a Resource

Once we have established the roles we want within out project, we need to define the resource for the roles. Remember that each created resource becomes available for each role within each project.

Roles with no Resources

As you can see, we currently have no resources, so lets define a resource called documents. For that specific resource, we need to define the actions that we can perform on the resource. In this case, we can create, read, update and delete documents.

Creating a Resource within the UI

Creating the Resource

This is what the roles will look like now, with each individual resource defined and the actions that we can select. We are ready give permissions to the role to perform the selected actions on the resource.

Resources and actions assigned

Assigning Permissions to Actions

Under each role, we have selected the actions we want to allow that role to perform on the current resource.

Roles with specific selected permissions

Creating the Resource

Creating a User & Assigning a Role

Now that all our roles as defined with the correct permissions, we need to assign the specific roles to individual users within our company.

The users

We need to navigate to the Users panel to work with users within Permit.

Creating the Resource

Assigning a role to a user

After the user has been created, we can assign him a role from the roles we have available within out policies.

Creating the Resource

A user with the admin role

Once the user is created and a role is assigned, you can view this users in a rendered table in the Users panel.

Creating the Resource

Congratulations! You have created a simple RBAC Policy!