The Identity and Access Management (IAM) services offered by AWS helps define what a user or other entity is allowed to do in an account. This process is often referred to as authorization. Permissions are categorized as permissions policies and permissions boundaries. Most permission policies are JSON policy documents in AWS that, when attached to an identity or resource, define their permissions. A permissions boundary is an advanced feature that allows you to use policies to limit the maximum permissions that a principal can have. These boundaries can be applied to AWS Organizations organizations or to IAM users or roles. For more information about policy types and uses, see Policies and Permissions.
Updated about a year ago