IAM Policies Structure

• Consists of

  • Version: policy language version,always include “2012-10- 17”

  • Id: an identifier for the policy (optional)

  • Statement: one or more individual statements (required)

• Statements consist of

  • Sid: an identifier for the statement (optional)

  • Effect: whether the statement allows or denies access (Allow, Deny)

  • Principal: account/user/role to which this policy applied to

  • Action: list of actions this policy allows or denies

  • Resource: list of resources to which the actions applied to

  • Condition: conditions for when this policy is in effect (optional)

PreviousIAM Policies inheritanceNextIAM – Password Policy

Last updated