Posted On: Apr 3, 2013
We are excited to announce that we have extended the access policy language to include support for policy variables. This new feature allows you to define general purpose policies that include variables so you do not have to explicitly list all the components of the policy.
For example, you can now use variables such as ‘username’ to create policies that lock down users’ access to a specific S3 folder determined by their username, or allow users to manage their own access keys and assign the policy to a group instead of assigning an individual policy to each user. This will simplify your policy management by reducing the number of policies necessary to grant individualized access control to AWS resources.