Including new file in assembly

Author: lhite8041

assemblies/assembly-authorization-policy-effect.adoc

@@ -27,10 +27,4 @@ NOTE: Denying access is the default policy effect, meaning that if no rules matc
 + 
 If a basic rule permits an action but conflicts with a conditional rule, {product-very-short} applies the conditional rule.
 
-.Best practices for policy design
-
-To prevent unintended access denials, follow these guidelines when designing policies:
-
-* Use `permit` rules to explicitly allow access.
-* Rely on the default `deny` effect for all other cases.
-* Do not set explicit `deny` rules unless they are required to override existing permit rules.
+include::modules/authorization/con-rbac-policies-best-practices.adoc[leveloffset=+1]

modules/authorization/con-rbac-policies-best-practices.adoc

@@ -3,4 +3,8 @@
 [id="con-rbac-policies-best-practices_{context}"]
 = Best practices for permission policy design
 
-Text goes here
+To prevent unintended access denials, follow these guidelines when designing policies:
+
+* Use `permit` rules to explicitly allow access.
+* Rely on the default `deny` effect for all other cases.
+* Do not set explicit `deny` rules unless they are required to override existing permit rules.