What's new at AWS

ABAC is an authorization strategy that defines access permissions based on tags attached used to configure access permissions and policies to users, roles, and various AWS resources.

🔔 Tag-based access conditions can be used to allow or deny specific actions, when AWS IAM) principals’ tags match the tags on an Amazon DynamoDB table.

🔔 AWS IAM Principals:
✔ AWS Account and Root user
✔ IAM Users and Federated user
✔ IAM Roles
✔ AWS services
✔ Except IAM Group.

🔔 Benefits of IAM ABAC:
✔ Customers can now set more granular access permissions based on your organizational structures.
✔ Most importantly, ABAC allows customers to scale tags-based permissions to new employees and changing resource structures, without rewriting policies as organizations grow.

🔔 ABAC for Amazon DynamoDB is now available in limited preview in the Ohio, Virginia and N. California Regions only.