
IAM Policy

An IAM Policy is an AWS resource that defines permissions: which API actions are allowed or denied on which AWS resources, optionally under which conditions. Identity-based policies are attached to IAM identities (users, groups, or roles) and dictate what those identities can do. Each policy is a JSON document made up of statements, which is what gives IAM its fine-grained access control. For further details, refer to the official AWS IAM Policy documentation.

Terraform Mappings:

  • aws_iam_policy.arn
  • aws_iam_user_policy_attachment.policy_arn

Supported Methods

  • GET: Get an IAM policy by policyFullName (the policy's path followed by its policyName, e.g. a policy named MyPolicy with the default path / has the full name /MyPolicy)
  • LIST: List all IAM policies
  • SEARCH: Search for IAM policies by ARN
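The GET key (path + policyName) and the SEARCH key (ARN) describe the same policy, and the full name is recoverable from the ARN: an IAM policy ARN has the form arn:partition:iam::account:policy/path/name, where the path always begins and ends with / and is just / when none was set. The following is an added example, not code from this page or from the tool it documents; the function name policy_full_name_from_arn and the sample ARNs are assumptions. It covers customer-managed policies, nested paths, and AWS-managed policies (account field "aws").

```python
def policy_full_name_from_arn(arn):
    """Split an IAM policy ARN into account, path, name and policyFullName.

    Expected shape: arn:<partition>:iam::<account-id or aws>:policy<path><name>
    The region field is always empty for IAM, and <path> starts and ends with '/'.
    """
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "iam" or parts[3] != "":
        raise ValueError(f"not an IAM ARN: {arn}")
    resource = parts[5]
    if not resource.startswith("policy/"):
        raise ValueError(f"not an IAM policy ARN: {arn}")
    # Dropping only the word "policy" keeps the leading '/', so what remains
    # is exactly path + policyName, the policyFullName used by GET.
    full_name = resource[len("policy"):]
    path, _, name = full_name.rpartition("/")
    if not name:
        raise ValueError(f"policy ARN has no name: {arn}")
    return {
        "account": parts[4],      # 12-digit account id, or "aws" for AWS-managed policies
        "path": path + "/",       # '/' for the default path
        "name": name,
        "fullName": full_name,
    }


if __name__ == "__main__":
    # Constructed sample ARNs (not from the page).
    for sample in (
        "arn:aws:iam::123456789012:policy/MyPolicy",
        "arn:aws:iam::123456789012:policy/team/app/MyPolicy",
        "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
    ):
        print(policy_full_name_from_arn(sample))
```

Note that the path is part of the identity: /team/app/MyPolicy and /MyPolicy are two different policies even though they share a name, which is why the GET key includes the path.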

iam-group

IAM Policies can be attached to IAM groups. When a policy is attached to a group, all users in that group inherit the permissions specified by the policy. This allows for easier management of permissions by controlling access at the group level rather than the individual user level.

iam-user

IAM Policies can be directly attached to IAM users. This grants the user the permissions specified in the policy, allowing access rights tailored to that user. This approach fits cases where a single individual needs permissions no group should carry, but direct attachments are harder to audit than group membership, so they are best kept to the exception rather than the rule.

iam-role

IAM Policies can be attached to IAM roles. A role has no long-term credentials of its own; it is assumed by a trusted principal (an AWS service, an application, or an identity in the same or another account) that the role's trust policy permits. The policies attached to the role define what that principal can do for the duration of the session, so permissions are delegated without sharing credentials.
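Because group attachments are inherited, the question "who effectively holds this policy?" cannot be answered from the user's direct attachments alone. The following is an added example, not code from this page or from the tool it documents; the inventory data is constructed and the function names effective_policies and principals_with_policy are assumptions. It resolves the managed policies that apply to a user, group or role, and does the reverse lookup a practitioner needs when a policy turns out to be over-broad. Inline policies are out of scope, since they are not aws_iam_policy resources.

```python
# Constructed inventory (not from the page): managed-policy ARNs attached to
# users, groups and roles, plus group memberships.
GROUP_POLICIES = {
    "developers": ["arn:aws:iam::123456789012:policy/DevReadOnly"],
    "admins": ["arn:aws:iam::aws:policy/AdministratorAccess"],
}
USER_GROUPS = {
    "alice": ["developers"],
    "bob": ["developers", "admins"],
    "svc-deploy": [],
}
USER_POLICIES = {
    "alice": [],
    "bob": [],
    "svc-deploy": ["arn:aws:iam::123456789012:policy/DeployPipeline"],
}
ROLE_POLICIES = {
    "AppRole": ["arn:aws:iam::123456789012:policy/AppRuntime"],
}


def effective_policies(principal_type, name):
    """Return the sorted managed-policy ARNs that apply to one principal.

    Users get their direct attachments plus the attachments of every group
    they belong to; groups and roles have only direct attachments.
    """
    if principal_type == "user":
        arns = set(USER_POLICIES.get(name, []))
        for group in USER_GROUPS.get(name, []):
            arns.update(GROUP_POLICIES.get(group, []))
    elif principal_type == "group":
        arns = set(GROUP_POLICIES.get(name, []))
    elif principal_type == "role":
        arns = set(ROLE_POLICIES.get(name, []))
    else:
        raise ValueError(f"unknown principal type: {principal_type}")
    return sorted(arns)


def principals_with_policy(arn):
    """Reverse lookup: every (type, name) whose effective policies include arn.

    Users who hold the policy only through a group are included, which is the
    part a scan of direct attachments would miss.
    """
    holders = []
    for user in sorted(set(USER_POLICIES) | set(USER_GROUPS)):
        if arn in effective_policies("user", user):
            holders.append(("user", user))
    for group in sorted(GROUP_POLICIES):
        if arn in effective_policies("group", group):
            holders.append(("group", group))
    for role in sorted(ROLE_POLICIES):
        if arn in effective_policies("role", role):
            holders.append(("role", role))
    return holders


if __name__ == "__main__":
    print(effective_policies("user", "bob"))
    print(principals_with_policy("arn:aws:iam::123456789012:policy/DevReadOnly"))
```

In the sample, bob holds AdministratorAccess without any direct attachment, purely through the admins group, and DevReadOnly resolves to alice, bob and the developers group. Neither fact is visible from USER_POLICIES alone.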