Package verifiedpermissions provides the API client, operations, and parameter
types for Amazon Verified Permissions.
Amazon Verified Permissions is a permissions management service from Amazon Web
Services. You can use Verified Permissions to manage permissions for your
application, and authorize user access based on those permissions. Using
Verified Permissions, application developers can grant access based on
information about the users, resources, and requested actions. You can also
evaluate additional information like group membership, attributes of the
resources, and session context, such as time of request and IP addresses.
Verified Permissions manages these permissions by letting you create and store
authorization policies for your applications, such as consumer-facing web sites
and enterprise business systems. Verified Permissions uses Cedar as the policy
language to express your permission requirements. Cedar supports both role-based
access control (RBAC) and attribute-based access control (ABAC) authorization
models. For more information about configuring, administering, and using Amazon
Verified Permissions in your applications, see the Amazon Verified Permissions
User Guide (https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/) .
For more information about the Cedar policy language, see the Cedar Policy
Language Guide (https://docs.cedarpolicy.com/) . When you write Cedar policies
that reference principals, resources and actions, you can define the unique
identifiers used for each of those elements. We strongly recommend that you
follow these best practices:
Several operations return structures that appear similar, but have different
purposes. As new functionality is added to the product, the structure used in a
parameter of one operation might need to change in a way that wouldn't make
sense for the same parameter in a different operation. To help you understand
the purpose of each, the following naming convention is used for the structures: