As an example, when iterating on login policies, every change invalidates all active sessions for the affected account. This creates a feedback loop: authors must repeatedly log back in (and disrupt other users' sessions) each time they test a policy modification, even for minor fixes like correcting a role name.
The existing policy simulator helps validate syntax and basic logic, but it does not catch real-world authorization issues. For example, a policy may reference a role name like writer instead of the correct space-writer. The simulator evaluates the policy as valid, but the role doesn't actually grant the intended permissions in practice. These kinds of bugs are only discoverable through live testing β which currently means deploying to production and invalidating sessions.
Please authenticate to join the conversation.
π In Review
π‘ Feature Requests
Resources
About 3 hours ago
Get notified by email when there are changes.
π In Review
π‘ Feature Requests
Resources
About 3 hours ago
Get notified by email when there are changes.