Maintained with ☕️ by
IcePanel logo

Amazon QLDB supports IAM-based access policy for PartiQL queries and ledger tables

Share

Services

Amazon Quantum Ledger Database (Amazon QLDB) now supports enhanced Amazon Identity Access Management (IAM) based permissions for QLDB authentication, query, and data access. This release builds on the existing Amazon QLDB permissions model, adding separation of access by PartiQL command and ledger table. With this feature, QLDB customers will now be able to implement more granular database authorization and access policy that meets strict security requirements. QLDB now supports new IAM actions that match PartiQL query commands. For example, the action qldb:PartiqlSelect provides read access while qldb:PartiqlUpdate and qldb:PartiqlInsert are common to policies enabling write access. In addition, QLDB now supports [Attribute Based Access Control](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial%5Fattribute-based-access-control.html) (ABAC) and the ability to tag QLDB table resources on creation. As a result, customers can now create more granular read or write restricted policies for specific tables and utilize ABAC for both ledgers and tables. Amazon QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log. You can use QLDB to track all application data changes, and maintain a complete and verifiable history of changes to your data over time. [Get started](https://docs.aws.amazon.com/qldb/latest/developerguide/what-is.html) with Amazon QLDB and learn more about [QLDB IAM based access control](https://docs.aws.amazon.com/qldb/latest/developerguide/security%5Fiam%5Fservice-with-iam.html) today.