Amazon Releases Verified Permissions
Written by Kay Ewbank   
Friday, 30 June 2023

Amazon has released Verified Permissions, a fine-grained permissions management and authorization service for developers to use in applications at any scale. Amazon Verified Permissions was announced in a preview version at re:Invent 2022. It centralizes permissions in a policy store and helps developers use those permissions to authorize user actions within their applications.

Amazon says that Verified Permissions lets developers build more secure applications faster by externalizing authorization and centralizing policy management. It also means developers can "align application access with Zero Trust principles", and it provides a way for security and audit teams to analyze and audit who has access to what within applications.

 awslogo

To define fine-grained permissions, Amazon Verified Permissions uses Cedar, an open-source policy language and software development kit (SDK) for access control.

Cedar is described on GitHub as an open source policy language and evaluation engine. Cedar lets developers express fine-grained permissions as easy-to-understand policies enforced in their applications, and decouples access control from application logic. Cedar supports common authorization models such as role-based access control and attribute-based access control. The developers say it is the first policy language built from the ground up to be verified formally by using automated reasoning, and tested rigorously using differential random testing.

The use of Cedar in Amazon Verified Permissions means you can define a schema for your authorization model in terms of principal types, resource types, and valid actions.When a policy is created, it is validated against your authorization model. Templates can be used to simplify the creation of similar policies, and any changes to the policy store are audited so that you can see of who made the changes and when.

You can then connect your applications to Amazon Verified Permissions through AWS SDKs to authorize access requests. For each authorization request, the relevant policies are retrieved and evaluated to determine whether the action is permitted or not,  and developers can test that permissions work as intended by reproducing test authorization requests.

 awslogo

More Information

AWS Verified Permissions

Cedar On GitHub

Related Articles

Amazon Open Sources Python Library for AWS Glue

Amazon Announces AWS Visual Embedding

Amazon Launches AWS Workflow Studio

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


Go At Highest Rank Ever in TIOBE Index
20/11/2024

Go is currently in 7th place in the TIOBE Index for November 2024. Not only is this is the highest position it has ever had, it's percentage rating is almost equal to its all-time-high. Will Go contin [ ... ]



Zitadel Announces Funding And Future Plans
21/11/2024

Zitadel has announced a major funding round that will be used to expand technical teams and fund further product development. The company is the creator of an open source project for cloud-native iden [ ... ]


More News

espbook

 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Friday, 30 June 2023 )