Fine-grained permissions and authorization for your applications
Vendor
Amazon Web Services (AWS)
Company Website
Fully managed Cedar service for fine grained authorization
Introduction to Verified Permissions
Amazon Verified Permissions is a fully managed authorization service that uses the provably correct Cedar policy language, so you can build more secure applications. With Verified Permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with Zero Trust principles. Security and audit teams can better analyze and audit who has access to what within applications.
Benefits
Decouple authorization from application logic
Accelerate application development by decoupling authorization from business logic.
Protect your application resources
Protect application resources and manage user access to the principle of least privilege.
Simplify application and resource access audits
Simplify compliance audits at scale using automated analysis to confirm that permissions written in Cedar work as intended.
Continual, realtime authorization decisions
Build applications aligned with Zero Trust principles of continual real-time authorization decisions.
Use cases
Define a fine-grained authorization model
Create policies from templates and enforce those controls in Amazon API Gateway and AWS AppSync.
Grant fine-grained permissions within applications
Administrators can create application-wide policies written in Cedar, and developers can grant user permissions to access data and resources.
Audit permissions across applications
Review Cedar policy model changes and monitor authorization requests using Verified Permissions.