Start by selecting the group in your SSO provider you want to give permissions to author and edit policies.
Then, navigate to the Account Users tab in the Control Plane and select "Manage Roles". From there, you'll want to create a custom role by clicking on "Add New Role" from the "Manage Roles" pop up. Select the desired permissions—in this case, just "Modify Policies", give your role a name, and map your chosen SSO groups.
You can read more about mapping SSO groups to roles here.
