Optimized for: Gemini / ChatGPT / Claude
Advanced AI Prompt for Attribute-Based Access Control (ABAC) in AWS
Use this engineered prompt to drastically optimize your workflow and output.
Required Variables
- ✦
[PROJECT_TAG] - ✦
[ENVIRONMENT_TAG] - ✦
[RESOURCE_TYPE]
advanced-ai-prompt-abac-iam-policy.txt
Construct an AWS IAM policy that implements Attribute-Based Access Control (ABAC) for [RESOURCE_TYPE]. The policy must grant access only if the principal's 'Project' tag matches the resource's '[PROJECT_TAG]' and the 'Environment' tag matches '[ENVIRONMENT_TAG]'. Use the 'aws:PrincipalTag' and 'aws:ResourceTag' keys. Ensure that the 'iam:ResourceTag' condition is used to prevent users from changing tags to escalate privileges. Provide the policy in JSON format.
Example Output
"The AI generates a policy where 'Condition' blocks use '${aws:PrincipalTag/Project}' to dynamically match the resource's tags, ensuring flexible yet secure access."