Policies are created by a principal that holds IAM permissions: the root user, or an IAM user or role that is allowed to call iam:CreatePolicy. (Day-to-day administration should be done from an IAM identity, not the root user.)
Task: Create a customer managed policy that grants full access to the S3 service.
Step 1 : In the IAM console, open Policies and click Create Policy.
Step 2 : Build the policy either with the Visual Editor or by writing the JSON directly. This walkthrough uses the Visual Editor.
+ Select service : Enter the service name (S3).
+ Actions : Select the permissions. Here All S3 actions (s3:*) is selected.
+ Resources : Choosing Specific restricts the statement to particular resources (for example, named buckets or object prefixes). Here All resources is selected; that is the broadest possible grant, so prefer Specific anywhere other than a lab.
+ Request conditions : The permissions apply only when the request satisfies the selected conditions, for example:
- MFA : The request must come from an MFA-authenticated session (condition key aws:MultiFactorAuthPresent), similar to an OTP check; without a valid code the permissions do not apply.
- Source IP : The request must originate from a particular IP address or CIDR range (condition key aws:SourceIp).
- Add Conditions : Several conditions can be combined; all of them must be satisfied for the statement to apply.
+ Tags : Add tag keys and values (optional).
+ Review : Review the policy, give it a name and click Create Policy.
+ The new policy now appears in the Policies list with the type Customer managed.
+ Verify : Check that the policy works by attaching it to an existing IAM user.
Step 1 : Logged in as the IAM user [1], the user has no permission to create an S3 bucket: the Create bucket button [2] is disabled.
Step 2 : Attach the customer managed S3 policy to the IAM user: go to Users, select the user, open Permissions and click Add permissions.
Step 3 : Under Grant permissions, choose Attach existing policies directly and select the customer managed policy.
Step 4 : Click Review at the bottom, then Add permissions. The policy is now attached to the user.
Step 5 : Log in as the IAM user again and check.
The Create bucket button is now enabled.
The user can now create an S3 bucket.
+ Summary : The custom IAM policy works.
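The same policy, written as the JSON document the Visual Editor generates and then exercised the way a practitioner would rather than by looking for an enabled button. This is an added example, not code from the original page: it builds the s3:* document with the two Request conditions described above, includes a small offline evaluator that mimics how IAM applies a Condition block (so the MFA and Source IP behaviour can be checked without an account), and shows the boto3 calls that replace verification Steps 2 to 5 (create the policy, attach it to the user, ask the IAM policy simulator whether s3:CreateBucket is now allowed). The policy name S3FullAccessCustom, the user demo-user and the trusted range 203.0.113.0/24 are assumptions chosen for the example.

```python
"""Added example, not from the original page: the full-S3 customer managed
policy from the walkthrough as a document, an offline evaluator for its
Request conditions, and the boto3 calls that create, attach and check it.
Assumed names: policy S3FullAccessCustom, user demo-user, CIDR 203.0.113.0/24."""
import fnmatch
import ipaddress
import json

POLICY_NAME = "S3FullAccessCustom"   # assumed name; anything unique in the account works
TRUSTED_CIDR = "203.0.113.0/24"      # assumed office range (RFC 5737 documentation block)


def build_policy_document(require_mfa=True, source_cidr=TRUSTED_CIDR):
    """Document the Visual Editor generates for Service=S3, Actions=All (s3:*),
    Resources=All, plus the MFA and Source IP Request conditions.
    aws:MultiFactorAuthPresent and aws:SourceIp are real global condition keys."""
    statement = {"Sid": "AllowAllS3", "Effect": "Allow", "Action": "s3:*", "Resource": "*"}
    condition = {}
    if require_mfa:
        condition["Bool"] = {"aws:MultiFactorAuthPresent": "true"}
    if source_cidr:
        condition["IpAddress"] = {"aws:SourceIp": source_cidr}
    if condition:
        statement["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [statement]}


def _action_matches(pattern, action):
    """IAM action matching: case-insensitive, '*' wildcard, string or list of strings."""
    patterns = pattern if isinstance(pattern, list) else [pattern]
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)


def request_allowed(policy, action, mfa_present, source_ip):
    """Offline approximation of IAM evaluation for one request against this policy:
    a statement applies only if the action matches AND every condition key holds;
    with no applicable Allow statement the result is the implicit deny."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow" or not _action_matches(stmt["Action"], action):
            continue
        cond = stmt.get("Condition", {})
        if cond.get("Bool", {}).get("aws:MultiFactorAuthPresent") == "true" and not mfa_present:
            continue  # MFA condition not met: this statement does not apply
        cidr = cond.get("IpAddress", {}).get("aws:SourceIp")
        if cidr and ipaddress.ip_address(source_ip) not in ipaddress.ip_network(cidr):
            continue  # caller is outside the allowed range
        return True
    return False


def create_and_attach(iam, user_name, policy):
    """Verification Steps 2 to 4 as API calls. `iam` is a boto3 IAM client
    (boto3.client("iam")); it is passed in so the logic runs without credentials."""
    created = iam.create_policy(PolicyName=POLICY_NAME, PolicyDocument=json.dumps(policy))
    arn = created["Policy"]["Arn"]
    iam.attach_user_policy(UserName=user_name, PolicyArn=arn)
    return arn


def can_create_bucket(iam, user_arn, mfa_present=True, source_ip="203.0.113.7"):
    """Step 5 without logging in: ask the IAM policy simulator whether the user may
    call s3:CreateBucket. The condition keys must be supplied as context entries,
    otherwise the simulator treats them as missing and reports implicitDeny."""
    resp = iam.simulate_principal_policy(
        PolicySourceArn=user_arn,
        ActionNames=["s3:CreateBucket"],
        ContextEntries=[
            {"ContextKeyName": "aws:MultiFactorAuthPresent",
             "ContextKeyValues": ["true" if mfa_present else "false"],
             "ContextKeyType": "boolean"},
            {"ContextKeyName": "aws:SourceIp",
             "ContextKeyValues": [source_ip], "ContextKeyType": "ip"},
        ],
    )
    return resp["EvaluationResults"][0]["EvalDecision"] == "allowed"


if __name__ == "__main__":
    import boto3  # this part needs real credentials with IAM permissions
    iam = boto3.client("iam")
    arn = create_and_attach(iam, "demo-user", build_policy_document())
    account = arn.split(":")[4]
    print("attached", arn)
    print("s3:CreateBucket allowed:",
          can_create_bucket(iam, f"arn:aws:iam::{account}:user/demo-user"))
```

Two caveats the offline evaluator makes visible. The MFA condition key is only present on MFA-authenticated sessions, so a CLI call made with plain long-term access keys fails the `Bool` check and is denied until the user obtains an MFA session token (for example with `aws sts get-session-token`). And `aws:SourceIp` sees the address the request arrives from: calls that reach S3 through a VPC endpoint carry `aws:VpcSourceIp` instead, and calls made by another AWS service on the user's behalf may not carry the user's IP at all, so a Source IP condition can block legitimate paths as well as unwanted ones.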