Amazon Verified Permissions introduces policy store aliases and named policies
AWS introduces policy store aliases and named policies in Amazon Verified Permissions, simplifying multi-tenant deployments and policy management.
Amazon Web Services (AWS) has announced the introduction of policy store aliases, named policies, and policy templates in Amazon Verified Permissions. This enhancement is designed to streamline multi-tenant deployments and simplify the management of policies on a day-to-day basis. Amazon Verified Permissions is a service that offers fine-grained authorization, enabling users to manage and enforce permissions across their applications through Cedar policies.
The new features aim to eliminate the need for maintaining separate mapping tables that associate tenant identifiers with policy store IDs or for tracking individual policy and template IDs. With the introduction of policy store aliases, developers of multi-tenant applications can now assign a human-readable alias based on a tenant identifier. This alias can be used in any API call, thereby removing the necessity for a lookup table.
In addition, the implementation of named policies and policy templates allows users to reference policies by meaningful names rather than system-generated IDs. This advancement simplifies the management of authorization logic as applications expand, making it easier for developers to maintain and scale their systems.
The new features, including policy store aliases and named policies and templates, are available in all AWS Regions where Amazon Verified Permissions is offered. For a comprehensive list of supported regions, users can refer to the Amazon Verified Permissions endpoints and quotas.
To begin utilizing these new capabilities, users are encouraged to consult the section on Policy store aliases and Creating static policies in the Amazon Verified Permissions User Guide, or visit the Amazon Verified Permissions API Reference for more detailed information.