New pattern - lambda-verified-permissions-cdk #3104

Open
NithinChandranR-AWS wants to merge 2 commits into aws-samples:main from NithinChandranR-AWS:NithinChandranR-AWS-feature-lambda-verified-permissions-cdk

@NithinChandranR-AWS
Contributor

Description

Deploy a Lambda function that authorizes requests using Amazon Verified Permissions Cedar policies.

Changes

  • CDK stack: Lambda + Verified Permissions policy store with Cedar schema
  • Lambda handler calling IsAuthorized API
  • Two Cedar policies (admin full access, reader read-only)

Testing

  • Deployed to AWS account, tested admin ALLOW, reader DENY, reader read ALLOW
  • All authorization decisions correct with strict schema validation

First pattern for the May 5, 2026 launch of EventBridge data plane
logging to CloudTrail. Enables security visibility into PutEvents
API calls with Lambda alerting.

Deployed and tested on live AWS account.
…tern

Deploy Lambda + Amazon Verified Permissions with Cedar policies for
fine-grained access control. Includes admin and reader policies with
strict schema validation.
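
The handler itself is not visible on this page. As an added example (not the PR's code), this is one way a Lambda handler can call IsAuthorized and fail closed on every outcome other than a clean ALLOW. The Cedar namespace `App`, the entity type names, the event fields and the `POLICY_STORE_ID` variable are assumptions.

```python
import os

# Assumptions, not taken from the PR: the Cedar namespace "App", the entity
# type names, the event fields and POLICY_STORE_ID are placeholders.
NAMESPACE = "App"


def build_request(policy_store_id, event):
    """Map an incoming event onto the IsAuthorized request shape."""
    fields = {k: event[k] for k in ("user", "action", "resource")}
    if not all(isinstance(v, str) and v for v in fields.values()):
        raise ValueError("empty or non-string field")
    return {
        "policyStoreId": policy_store_id,
        "principal": {"entityType": f"{NAMESPACE}::User", "entityId": fields["user"]},
        "action": {"actionType": f"{NAMESPACE}::Action", "actionId": fields["action"]},
        "resource": {"entityType": f"{NAMESPACE}::Document", "entityId": fields["resource"]},
    }


def authorize(client, policy_store_id, event):
    """Return (allowed, reason); anything but a clean ALLOW is a deny."""
    try:
        request = build_request(policy_store_id, event)
    except (KeyError, TypeError, ValueError):
        return False, "malformed request"
    try:
        response = client.is_authorized(**request)
    except Exception as exc:  # throttling, missing IAM permission, timeout
        return False, f"service error: {type(exc).__name__}"
    # Cedar skips a policy that errors during evaluation, so a failing forbid
    # cannot block the request. Treating any evaluation error as a deny is a
    # conservative choice made in this example.
    if response.get("errors"):
        return False, "policy evaluation error"
    if response.get("decision") != "ALLOW":
        return False, "denied"
    ids = [p["policyId"] for p in response.get("determiningPolicies", [])]
    return True, "allowed by " + ",".join(ids)


def handler(event, context):
    import boto3  # imported here so authorize() can be exercised offline
    client = boto3.client("verifiedpermissions")
    allowed, reason = authorize(client, os.environ["POLICY_STORE_ID"], event)
    return {"statusCode": 200 if allowed else 403, "body": reason}
```
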