“ I have checked the documents of AWS for custom policy creation and authorization using amazon verified permissions. Amazon verified permissions make it easy and secure for policy creation and authentication purposes. In terms of cost, the solution is cheaper and secure.”
Amazon verified permissions is a fully managed authorization service that uses the cedar policy language, so you can build more secure applications. With verified permissions, developers can build applications faster by externalizing authorization and centralizing policy management. They can also align authorization within the application with zero trust principles. Security and audit teams can better analyze and audit who has access to what within applications.
In this post, you will experience custom policy creation and authorization using amazon verified permissions. Here I have created the custom static policy with resource action under policy scope and also run the authorization to check if the policy is satisfied or still having issue.
Architecture Overview
The architecture diagram shows the overall deployment architecture with data flow, amazon verified permissions, authorization request and policy.
Solution overview
The blog post consists of the following phases:
- Create of Sample Policy via Sample Policy Store Option
- Create of Static Policy for Custom Policy Scope
- Output of Test Bench via Run of Authorization Request for Policy Satisfaction
Phase 1: Create of Sample Policy via Sample Policy Store Option
- Open the Amazon Verified Permissions console, click on create policy store. Choose to start from a sample policy store option, select photoflash under sample project. Leave other options default and create the policy store. You can next goto overview to view the policy store created.
Phase 2: Create of Static Policy for Custom Policy Scope
- Under the Policies tab, choose create static policy option. In policy scope, choose effect as permit then principals scope as specific principal then resources scope as specific resource then resource this policy should apply to as photoflash:album and name of it. Under actions scope, select specific set of actions and required policy apply on it. Specify the description and create a policy.
Phase 3: Output of Test Bench via Run of Authorization Request for Policy Satisfaction
Clean-up
Amazon verified permissions : policies, policy templates.
Pricing
I review the pricing and estimated cost of this example.
Cost of Amazon Verified Permissions =
Amazon Verified Permissions CreatePolicy = 40 USD per million CreatePolicy API requests for 2 API Requests = $0.00
Amazon Verified Permissions GetPolicy = 40 USD per million GetPolicy API requests for 4 API Requests = $0.00
Amazon Verified Permissions ListPolicies = 40 USD per million ListPolicies API requests for 7 API Requests = $0.00
Amazon Verified Permissions SingleAuthorizationRequest = 5 USD per million Single Authorization Requests for 1 API Requests = $0.00
Total Cost = $0.00
Summary
In this post, I showed “custom policy creation and authorization using amazon verified permissions”.
For more details on Amazon Verified Permissions, Checkout Get started Amazon Verified Permissions, open the Amazon Verified Permissions console. To learn more, read the Amazon Verified Permissions documentation.
Thanks for reading!
Connect with me: Linkedin
Top comments (0)