Vishal Augustine
08/11/2023, 1:20 PMAlex Olivier (Cerbos)
Jesum Yip
08/11/2023, 1:24 PMVishal Augustine
08/11/2023, 1:27 PMJesum Yip
08/11/2023, 1:28 PMVishal Augustine
08/11/2023, 1:30 PMVishal Augustine
08/11/2023, 1:30 PMAlex Olivier (Cerbos)
Vishal Augustine
08/17/2023, 6:58 AM{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "TutorialAssumeRole",
"Effect": "Allow",
"Action": "sts:AssumeRole",
"Resource": "arn:aws:iam::account-ID-without-hyphens:role/access-*",
"Condition": {
"StringEquals": {
"iam:ResourceTag/access-project": "${aws:PrincipalTag/access-project}",
"iam:ResourceTag/access-team": "${aws:PrincipalTag/access-team}",
"iam:ResourceTag/cost-center": "${aws:PrincipalTag/cost-center}"
}
}
}
]
}
The doubt is: In cerbos, does it use key-value pairs of tags?
Or any examples projects like above? Which I can take a look at?
PS: https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_attribute-based-access-control.html