All news with #cedar tag

Migrating from OPA to Amazon Verified Permissions Guide

🔁 This AWS Security Blog post by Samuel Folkes outlines a practical approach to migrating authorization from Open Policy Agent (OPA) and Rego to Amazon Verified Permissions using the Cedar policy language. It highlights key benefits: a fully managed service, reduced operational overhead, and significant performance gains. The article walks through schema design, common translation patterns (RBAC, ABAC, ReBAC), application integration changes, testing practices, and a phased deployment strategy to compare and validate behavior during migration.

Amazon Verified Permissions Adds Four New AWS Regions

🔒 Amazon Verified Permissions is now available in Asia Pacific (Taipei), Asia Pacific (Thailand), Asia Pacific (Malaysia), and Mexico (Central), expanding regional coverage to 35 AWS Regions. The managed service provides scalable, fine-grained authorization using the open-source Cedar policy language, enabling applications to enforce permissions as policies rather than embedding them in code. Developers and administrators can define role-, attribute-, and context-aware access controls for APIs and application resources, simplifying authorization and improving governance.

Amazon Verified Permissions adds Cedar 4.5 support

🔒 Amazon Verified Permissions now supports Cedar 4.5, introducing the new is operator to enable type-based access checks. Developers can write policies that grant or deny access based on a resource’s declared type—for example, allowing administrators to view a resource only when it is an invoice in a petstore app. The update enhances Cedar’s type system, helps catch type-related errors earlier in policy development, and is available in all AWS Regions where the service runs; new and backward-compatible accounts have been automatically upgraded.