Amazon Verified Permissions introduces support for policy store aliases and named policies
AWS has introduced policy store aliases and named policies for Amazon Verified Permissions, enhancing multi-tenant deployments and policy management. These features are now accessible in all regions where the service is available.
Amazon Web Services (AWS) has announced new features for Amazon Verified Permissions, introducing support for policy store aliases, named policies, and policy templates. These enhancements aim to streamline multi-tenant deployments and simplify the management of policies within applications. Amazon Verified Permissions is a service that provides fine-grained authorization by allowing users to manage and enforce permissions using Cedar policies.
The addition of policy store aliases allows developers to assign easily readable aliases based on tenant identifiers, which can be used in any API call. This development eliminates the necessity for maintaining separate mapping tables to associate tenant identifiers with policy store IDs. Similarly, the introduction of named policies and policy templates enables users to reference policies by descriptive names rather than system-generated IDs, thereby simplifying the management of authorization logic as applications expand.
These new features are now available in all AWS Regions where Amazon Verified Permissions operates. Users can refer to the Amazon Verified Permissions endpoints and quotas for a comprehensive list of supported regions.
For those looking to utilize these new capabilities, guidance can be found in the Amazon Verified Permissions User Guide under sections titled ‘Policy store aliases’ and ‘Creating static policies’. Additional information is also available in the Amazon Verified Permissions API Reference.