[keycloak-user] Keycloak AuthZ Client - Link resource/scope to policy/permission via API

Dear all, I've a question regarding the authZ client. Is there a way to connect the resources created with the client with policies/permissions via the API, or is there only the HMI (Admin Console) to make this connection? The thing is we would like to use Keycloak for defining the access rights on thousands of resources (objects like database entries, files) and it would be very cumbersome to do this by hand for each single resource. Or is this authorization service meant to be used in another way (protecting URI for applications) only? Best regards, Christian