What's new at AWS
ABAC is an authorization strategy that defines access permissions based on tags attached used to configure access permissions and policies to users, roles, and various AWS resources.
π Tag-based access conditions can be used to allow or deny specific actions, when AWS IAM) principalsβ tags match the tags on an Amazon DynamoDB table.
π AWS IAM Principals:
β AWS Account and Root user
β IAM Users and Federated user
β IAM Roles
β AWS services
β Except IAM Group.
π Benefits of IAM ABAC:
β Customers can now set more granular access permissions based on your organizational structures.
β Most importantly, ABAC allows customers to scale tags-based permissions to new employees and changing resource structures, without rewriting policies as organizations grow.
π ABAC for Amazon DynamoDB is now available in limited preview in the Ohio, Virginia and N. California Regions only.
Top comments (0)