Posted On: Nov 16, 2023
Today, AWS announces the launch of Policy Assistant for AWS Verified Access, which makes it easier to express, troubleshoot, and simulate application access policies. Verified Access enables you to provide VPN-less secure access to corporate applications using Zero-Trust principles. Using policy assistant, you can accelerate the validation, troubleshooting and authoring of your application access policies.
With Verified Access, you can define application access policies using end-user context, such as user groups and device risk score, which is received from your existing third-party identity and device security services. For example, you can create policies that permit only certain user groups, such as the finance group to access specific applications, and only if they are using compliant devices. Now, with Policy Assistant, you can write, troubleshoot, and simulate policies on the Verified Access console, allowing you to see how a new or modified policy impacts your users’ ability to access applications. For example, you can retrieve the latest identity and device security state for a specific user, and run it against a new or a modified policy. With the simulated policy outcome available on the Verified Access console, you can identify the reason for the policy outcome, whether approved or denied, and modify and test your policies iteratively as required. Once testing is complete, you can apply any changes to the policies in production. This enables validation, troubleshooting, and acceleration of the policy authoring process.