I've built a basic Platform as a Service (PaaS) on AWS, and now I'm looking to set up a robust system for managing user authorizations. My setup includes applications, users, and various actions/data within those apps that users can access. I really like the AWS IAM policy format for its comprehensiveness, but I've found AWS Verified Permissions and the Cedar language to be less appealing. I'm hoping to find a custom policy engine that can evaluate my specific authorization needs. What are some options, and how can I implement this within AWS?
1 Answer
You might want to check out Cedar, which AWS has open-sourced. It’s somewhat related to IAM and could be worth exploring for your needs. Take a look at their site for more details!

Just a note, Cedar isn’t the same engine as IAM. It was designed by folks who really know IAM well, but it functions independently.
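
Added example, not part of the question, answer or comment above and not AWS or Cedar code: a small Python evaluator for the IAM-style policy format the question mentions, showing the core decision rule that an explicit Deny overrides any Allow and that a request with no matching Allow is denied. The policies, action names and resource paths are constructed for illustration, and the sketch assumes only `Effect`, `Action` and `Resource` fields with `*` and `?` wildcards (no `Principal`, `Condition` or `NotAction` handling, and matching is case-sensitive).

```python
import re

def _as_list(value):
    """IAM-style fields accept either a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def _wildcard_match(pattern, value):
    """Match using only * (any run of characters) and ? (one character)."""
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, value, flags=re.DOTALL) is not None

def _statement_applies(stmt, action, resource):
    """A statement applies when both its Action and Resource patterns match."""
    return (any(_wildcard_match(p, action) for p in _as_list(stmt["Action"]))
            and any(_wildcard_match(p, resource) for p in _as_list(stmt["Resource"])))

def evaluate(policies, action, resource):
    """Return "Allow" or "Deny" for one request against all attached policies."""
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            effect = stmt.get("Effect")
            if effect not in ("Allow", "Deny"):
                # Fail closed on malformed input instead of silently skipping it.
                raise ValueError(f"unknown Effect: {effect!r}")
            if not _statement_applies(stmt, action, resource):
                continue
            if effect == "Deny":
                return "Deny"      # explicit Deny always wins
            allowed = True         # remember the Allow, keep scanning for a Deny
    return "Allow" if allowed else "Deny"  # default is implicit Deny

# Constructed sample policies for a hypothetical "billing" application.
POLICIES = [
    {"Statement": [
        {"Effect": "Allow", "Action": "billing:*", "Resource": "app/billing/*"},
    ]},
    {"Statement": {"Effect": "Deny", "Action": ["billing:Delete*"], "Resource": "*"}},
]

if __name__ == "__main__":
    for act, res in [("billing:ReadInvoice", "app/billing/invoice/42"),
                     ("billing:DeleteInvoice", "app/billing/invoice/42"),
                     ("reports:Export", "app/reports/q1")]:
        print(act, res, "->", evaluate(POLICIES, act, res))
```
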