A policy is a JSON document that contains a list of permissions that allow or deny access to AWS resources. A single policy can be attached to one or more IAM users, groups, and roles. AWS IAM provides the following two types of policies:
- AWS Managed Policies: These policies are governed by AWS. They are created for common use cases so that IT administrators can use them directly instead of creating new ones.
- Customer Managed Policies: These policies are custom-made in your AWS account. The customer can define specific resource-based permissions and modify them as needed.
The following is a sample customer-managed policy document:
```
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        ...
```