diff --git a/src/abbey/functions/has_attribute.rego b/src/abbey/functions/has_attribute.rego
new file mode 100644
index 0000000..10afb80
--- /dev/null
+++ b/src/abbey/functions/has_attribute.rego
@@ -0,0 +1,5 @@
+import future.keywords.if
+
+has_attribute(name, value) := true if {
+	data.system.abbey.identities.directory_sync_users.custom_attributes[name] == value
+}
diff --git a/src/abbey/functions/in_group.rego b/src/abbey/functions/in_group.rego
new file mode 100644
index 0000000..cdc7d9e
--- /dev/null
+++ b/src/abbey/functions/in_group.rego
@@ -0,0 +1,7 @@
+import future.keywords.if
+import future.keywords.in
+
+in_group(group_name) := true if {
+	some group in data.system.abbey.group_memberships
+	group == group_name
+}