Access control is a crucial step in implementing a secure foundation for your environment. You need to define who can access your AWS resources, as well as when, why, and how. Much of this access is governed by different access policies associated with your identities. This chapter dives deep into how to create and manage your access policies to effectively and securely govern permissions across your infrastructure.
The following topics will be covered in this chapter:
- Understanding the difference between policy types
- Identifying policy structure and syntax
- Configuring cross-account access
- IAM policy management
- Policy evaluation
- Using bucket policies to control access to S3