Posted On: Nov 20, 2022
Attribute-Based Access Control (ABAC) is an authorization strategy that defines access permissions based on tags which can be attached to IAM resources such as IAM users and roles, and to Amazon Web Services resources, like Lambda functions, to simplify permission management. ABAC support for Lambda functions allows you to scale your permissions as your organization innovates and give granular access to developers without requiring a policy update when a user or project is added, removed or updated. With ABAC support for Amazon Lambda, IAM policies can be used to allow or deny specific Lambda API actions when the IAM principal's tags match the tags on a Lambda function.
Today, we are excited to announce that Amazon Lambda supports ABAC in Amazon Web Services China (Beijing) Region, operated by Sinnet and Amazon Web Services China (Ningxia) Region, operated by NWCD.
To get started with ABAC for Lambda functions, see the following resources:
- For information about attribute-based access control, see ABAC in the IAM User Guide
- For information about configuring ABAC with Amazon Lambda, see Control access using tags in Amazon Lambda Developer Guide