Amazon Verified Permissions policy stores

A policy store is a container for policies and policy templates. Each policy store contains a schema that is used to validate policies added to the policy store. We recommend creating one policy store per application, or one policy store per tenant for multi-tenant applications. You must specify a policy store when making an authorization request.

We recommend using namespaces to Cedar entities in your policy stores to prevent ambiguity. A namespace is a string prefix for a type, separated by a pair of colons (::) as a delimiter. Verified Permissions supports one namespace per policy store. For more information, see Namespaces in the Cedar policy language Reference Guide.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Create an API-linked policy store

Creating policy stores