Verified Permissions is a policy-based authorization service. At a glance, it checks a principal's request to act (action) on a resource against one or more authorization policies.

• Principal - A principal represents a role, user, service, or any other identity that can request to perform an action.

• Action - For example a server or service action of your OutSystems application or service. In other words - an operation that is requested by a principal.

• Resource - Something that can be accessed or modified by the specified action.

Policies are written in Cedar, a language specifically designed for defining permissions as policies. Originally developed by AWS, the Cedar specification and reference implementation is an Apache 2.0 open-source project. At the time of writing, Cedar has already been adopted by other vendors and open-source projects.

Cedar is easy to learn and simple to read, yet it still allows for the definition of complex role-based or attribute-based authorization models.

This connector implements Amazon Verified Permissions using the AWS SDK. It implements all operations excluding operations that leverage an external identity provider.