Hi, this forum is primarily for the Kong Community edition. For Kong Enterprise questions, you will get faster (this forum is not covered by any SLAs) and more customized responses if you contact your sales / customer success representative.
Yes. RBAC can be applied to a finer granularity than workspaces. The endpoint parameter applies to the urls, so you could create permissions for /services/foo, for example. With entity RBAC, you can even apply rules per entitty itself, so yes.
Currently there’s not a way to apply RBAC in a dev portal. It’s in the roadmap and it’s being worked on, but not released yet.