Building fine-grained access control in your application starts by modeling user experience, access patterns and desired behavior then working backward from these assets to design permissions that will be translated into policies. In this session, we will talk about best practices and guidelines for building authorization model for custom applications and how to use Amazon Verified Permissions and Cedar language to implement fine-grained authorization.