IAM Policies
Learn how identity-based and resource-based policies are used to define user authorization.
We'll cover the following...
An IAM policy is a JSON document attached either to an IAM entity (such as a user or role) or to an AWS resource. It defines the scope of permissions that the principal entity has for accessing the resource securely.
Types of IAM policies
Based on their usage, IAM has six types of policies. These types are as follows:
Identity-based policies: Define permissions of IAM identities. These are attached with IAM identities.
Resource-based policies: Define the access that an entity has to the AWS resources. These are attached to the IAM resources to which the entity requires access.
Permissions boundaries: Specify the highest level of permissions that an identity-based policy can grant to an entity.
Session policies: Specify the ...