I can't find the answer after a few hours of searching but can't believe that there's no solution to this.
Is it possible to combine multiple ACLs in a single APM session. This would ideally be done using AD Group membership or similar. If user is member of group 1 then then get ACL1, however if they are in group 1&2 they get the combined result of ACL1&2.
I know that it's possible to use advanced resource assign to check group membership and apply a single ACL to the session but I can't see a way to combine multiple ACLs in that use case.
Yes, should be able to do this with the AD Group Resource Assign. I tested this and when the user is in 2 groups with 2 different ACLs both ACLs will be assigned. You can verify this by looking at the session variable "session.assigned.acls." Keep in mind you with need and AD Query in the VPE for AD Group Resource Assign to function correctly.