This article demonstrates implementing a custom authorization policy provider for ASP.NET Core applications using Amazon Verified Permissions, a managed authorization service.

• Amazon Verified Permissions externalizes authorization using Cedar policy language for fine-grained access control
• Sample TinyTodo app enforces rules: users manage owned lists, share lists conditionally, admins access admin module
• Static policies define broad rules; policy templates create dynamic policies per principal/resource at runtime
• Custom ASP.NET Core authorization provider integrates with Verified Permissions via HasPermissionOnAction attribute
• Authorization handlers build requests with Principal, Action, Resource details from ClaimsPrincipal and entity objects
• Template-linked policies created when users share to-do lists with configurable re-share permissions
• Multi-tenant support uses separate policy stores per tenant identified from request context

The article provides a complete implementation guide for centralizing authorization management in ASP.NET Core applications using AWS Verified Permissions.