Overview
Siemens faced an explosion of internal demand for AI assistants: employees who wanted to experiment with generative AI proposed thousands of ideas to build. To democratize AI access across its global workforce while maintaining a robust security posture, Siemens built an internal platform, named SiemensGPT, on Amazon Web Services (AWS). SiemensGPT now serves 150,000 registered users, 80,000 of whom use it every month, and processes over 590 million authorization calls monthly.
About Siemens
Founded in 1847, Siemens is a global technology company that combines the physical and digital worlds to benefit customers and society. With operations in over 200 countries, Siemens focuses on industry, infrastructure, transportation, and healthcare.
Opportunity | Using AWS to scale an authorization framework for Siemens
Siemens’s global IT data and AI (IT DA) technology team, in collaboration with the cybersecurity team, leads the effort to drive secure AI innovation across the company. With the emergence of generative AI, the teams faced a critical challenge: how to facilitate experimentation at scale while maintaining security and compliance standards, especially when it came to authorization. “In tech, everything is—or should be—around agility,” says Marco Vernaza, product owner of SiemensGPT, global IT DA technology, at Siemens. “But the AI space is nonlinear and highly unpredictable. We don’t know where the next innovation is going to come from.”
The company needed a new authorization framework that would facilitate rapid experimentation and be fully incorporated into the API architecture. The framework had to manage permissions across multiple roles: regular users, workspace administrators, and superadministrators. Traditional approaches embed permission checks throughout the code base, so every new feature or role change touches application code, creating technical debt and slowing development.
To reduce human error and achieve compliance at enterprise scale, Siemens needed infrastructure with advanced security features and built-in automation, supported with enterprise agreements. “We knew that we weren’t experimenting when we chose AWS,” says Hanna Mykula, product owner of SiemensGPT. “Collaborating closely with the AWS team, we built a scalable solution that exceeded our goals.”
Solution | Centralizing authorization using Amazon Verified Permissions
Using AWS, Siemens built SiemensGPT, an internal global collaborative tool. The solution provides vendor-agnostic access to multiple large language models, augmented AI capabilities, and tools for building and sharing AI agents. With granular and advanced authorization logic, SiemensGPT empowers users to experiment with generative AI in an environment that’s designed to be secure and compliant under the AWS Shared Responsibility Model.
From the outset, the company decided to abstract authorization logic out of the application code entirely to become more agile in managing permissions. Siemens implemented Amazon Verified Permissions, a fully managed authorization service that evaluates fine-grained policies written in the Cedar policy language, as the centralized authorization solution. “A key requirement of SiemensGPT is the application authorization flexibility,” says Vernaza. “This needs a scalable and flexible environment with improved security features. That intersection meant that we needed a flexible process not only to create users, user roles, and user permissions but also to continue adding features.”
Siemens worked closely with FNTIO, an AWS Partner, to implement the platform. “As Siemens started to implement many collaboration features, it became obvious that Amazon Verified Permissions was the right tool for us,” says Jannik Frisch, lead architect at FNTIO. “Authorization decisions get increasingly complex when users build agents together and share what they build. Amazon Verified Permissions met our demand for increasingly complex authorization decisions.”
Amazon Verified Permissions integrates with Amazon API Gateway, a fully managed service for creating, maintaining, and securing APIs at virtually any scale. The two services work together through a Lambda authorizer: a function built on AWS Lambda that API Gateway invokes before it forwards a request to the backend. All API endpoints authenticate against Siemens’s central identity provider, and Amazon Verified Permissions handles all authorization decisions, so the application code carries no permission logic of its own. When a user attempts an action, such as creating a new chat or modifying workspace settings, the authorizer calls Amazon Verified Permissions with the principal, the action, and the resource. The service evaluates the Cedar policies held in a centralized policy store and returns an “allow” or “deny” decision, which API Gateway enforces. Policy evaluations and policy changes are logged, giving the team traceability and the ability to audit authorization decisions.
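The authorizer flow described above, as an added example that is not SiemensGPT’s code: a Lambda REQUEST authorizer maps the HTTP request to a Cedar principal, action, and resource, asks Amazon Verified Permissions for a decision, and fails closed on anything it cannot map or evaluate. The entity and action names, the route table, the policy store ID, the `verify_token` callable (assumed to have already validated the JWT against the central identity provider), and the `FakeVerifiedPermissions` stand-in for the boto3 `verifiedpermissions` client are all constructed for this example so that it runs offline; the real client exposes the same `is_authorized` call with the same request shape.

```python
"""Lambda REQUEST authorizer that delegates decisions to Amazon Verified Permissions.
Added example; entity/action names, routes and the fake client are assumptions."""
import re

# Illustrative Cedar policies of the kind the central policy store would hold.
# Cedar is evaluated by the service, not here; shown to document the three roles:
#   permit(principal in App::Role::"User",
#          action in [App::Action::"CreateChat", App::Action::"ReadChat"], resource);
#   permit(principal in App::Role::"WorkspaceAdmin",
#          action == App::Action::"UpdateWorkspaceSettings", resource)
#     when { resource.workspace == principal.workspace };
#   permit(principal in App::Role::"SuperAdmin", action, resource);

# (method, path pattern, Cedar action id, resource entity type)
ROUTES = [
    ("POST", r"^/workspaces/(?P<ws>[^/]+)/chats$", "CreateChat", "App::Workspace"),
    ("GET", r"^/workspaces/(?P<ws>[^/]+)/chats/(?P<chat>[^/]+)$", "ReadChat", "App::Chat"),
    ("PUT", r"^/workspaces/(?P<ws>[^/]+)/settings$", "UpdateWorkspaceSettings", "App::Workspace"),
]


def map_request(method, path):
    """HTTP request -> (action, resource_type, resource_id, workspace); None if unmapped."""
    for route_method, pattern, action, rtype in ROUTES:
        m = re.match(pattern, path)
        if route_method == method and m:
            g = m.groupdict()
            return action, rtype, g.get("chat") or g["ws"], g["ws"]
    return None


def iam_response(principal_id, effect, method_arn, context=None):
    """Response shape API Gateway expects from a Lambda authorizer."""
    statement = {"Action": "execute-api:Invoke", "Effect": effect, "Resource": method_arn}
    return {"principalId": principal_id,
            "policyDocument": {"Version": "2012-10-17", "Statement": [statement]},
            "context": context or {}}


def authorize(event, avp, verify_token, policy_store_id="ps-EXAMPLE"):
    """Deny by default: unmapped route, bad token, schema error or service failure all deny."""
    method_arn = event["methodArn"]
    try:
        claims = verify_token(event["headers"]["authorization"])
        mapped = map_request(event["httpMethod"], event["path"])
        if mapped is None:
            return iam_response(claims["sub"], "Deny", method_arn)
        action, rtype, rid, workspace = mapped
        user_id = {"entityType": "App::User", "entityId": claims["sub"]}
        res_id = {"entityType": rtype, "entityId": rid}
        # Entities carry the role memberships (parents) and attributes the policies test.
        resp = avp.is_authorized(
            policyStoreId=policy_store_id, principal=user_id, resource=res_id,
            action={"actionType": "App::Action", "actionId": action},
            entities={"entityList": [
                {"identifier": user_id, "attributes": {"workspace": {"string": claims["workspace"]}},
                 "parents": [{"entityType": "App::Role", "entityId": r} for r in claims["roles"]]},
                {"identifier": res_id, "attributes": {"workspace": {"string": workspace}}, "parents": []},
            ]})
        # Evaluation errors mean the decision cannot be trusted: deny.
        if resp.get("errors") or resp.get("decision") != "ALLOW":
            return iam_response(claims["sub"], "Deny", method_arn)
        return iam_response(claims["sub"], "Allow", method_arn, {"action": action, "workspace": workspace})
    except Exception:  # never let an authorizer crash turn into an allow
        return iam_response("anonymous", "Deny", method_arn)


class FakeVerifiedPermissions:
    """Constructed stand-in for boto3.client("verifiedpermissions"); reproduces the
    decisions the three illustrative policies above would yield."""

    def is_authorized(self, **kw):
        ents = {(e["identifier"]["entityType"], e["identifier"]["entityId"]): e
                for e in kw["entities"]["entityList"]}
        user = ents[(kw["principal"]["entityType"], kw["principal"]["entityId"])]
        res = ents[(kw["resource"]["entityType"], kw["resource"]["entityId"])]
        roles = {p["entityId"] for p in user["parents"]}
        action = kw["action"]["actionId"]
        allow = ("SuperAdmin" in roles
                 or ("User" in roles and action in ("CreateChat", "ReadChat"))
                 or ("WorkspaceAdmin" in roles and action == "UpdateWorkspaceSettings"
                     and res["attributes"]["workspace"]["string"] == user["attributes"]["workspace"]["string"]))
        return {"decision": "ALLOW" if allow else "DENY", "determiningPolicies": [], "errors": []}


# Constructed tokens; a real verify_token validates the identity provider's JWT signature.
FAKE_TOKENS = {"user-token": {"sub": "u-1", "roles": ["User"], "workspace": "ws-a"},
               "admin-token": {"sub": "u-2", "roles": ["User", "WorkspaceAdmin"], "workspace": "ws-a"}}


def fake_verify_token(header):
    return FAKE_TOKENS[header[len("Bearer "):]]


def demo(method, path, token):
    """Run one request through the authorizer and return the resulting Effect."""
    event = {"methodArn": "arn:aws:execute-api:eu-central-1:123456789012:api/prod/" + method + path,
             "httpMethod": method, "path": path, "headers": {"authorization": "Bearer " + token}}
    return authorize(event, FakeVerifiedPermissions(), fake_verify_token)["policyDocument"]["Statement"][0]["Effect"]
```

Two design points worth keeping in a real deployment: the route table is the only place where HTTP verbs and paths become Cedar actions, so adding an endpoint never adds permission logic to the backend, and every failure path in `authorize` returns Deny, because API Gateway caches authorizer responses and a crash that surfaced as an allow would be cached too.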
“Using Amazon Verified Permissions, we now have a secure mechanism to define the authorization in a central repository as code, following internal security policies with audit logs,” says Manuel Mendoza, cybersecurity platform architect at Siemens. “Additionally, we have the policy abstracted nicely and defined well, which helps us speed up our compliance process.”
Outcome | Accelerating and securing enterprise-scale authorization
Since launching SiemensGPT, the company has deployed centralized authorization for 150,000 registered users, with 80,000 monthly active users engaging with the tool. The solution now processes over 590 million authorization calls monthly, providing consistent access control across the company. By decoupling policy administration (the Cedar policies in the central store) from policy enforcement (the API layer), Siemens has implemented the principle of least privilege at enterprise scale while maintaining rapid development cycles.
Siemens plans to expand this authorization pattern across more applications throughout the company. This flexible foundation will be critical as Siemens advances toward agentic AI implementations, which require sophisticated authorization for agents that act on behalf of users.
“AWS has a massive community and certified programs that we can rely on,” says Vernaza. “And it has been great to work with the AWS team and FNTIO to achieve the scale we needed at a competitive cost.”
Figure 1. SiemensGPT architecture