Policies for Users in Chef A2

How can we apply policies to users and teams to minimal the access to the chef A2 resources?