Identity-based policies are JSON permissions policy documents that control what actions an identity (users, groups of users, and roles) can perform. They are further categorized into:
Identity-based policies

| (i) AWS managed policies | (ii) Customer managed policies | (iii) Inline policies |
|---|---|---|
| Policies created and managed by AWS. | Managed policies that you create and manage in your AWS account. | Policies that you add directly to a single user, group, or role. |
| You have to use the given policy as is; you can't change the permissions of an existing policy. | They provide more precise control over your policies than AWS managed policies. | They maintain a strict one-to-one relationship between a policy and an identity. They are deleted when you delete the identity. |
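
The three categories can be told apart in an account inventory. The following is an added example, not part of the original page: it sorts every policy on every identity into the three types, using a constructed sample shaped like the output of `aws iam get-account-authorization-details`. The function names, identity names, and the account ID `111122223333` are placeholders chosen for illustration.

```python
# Constructed sample, shaped like `aws iam get-account-authorization-details`
# output (trimmed). 111122223333 is a placeholder account ID.
SAMPLE = {
    "UserDetailList": [{
        "UserName": "alice",
        "UserPolicyList": [{"PolicyName": "alice-s3-read"}],
        "AttachedManagedPolicies": [
            {"PolicyName": "ReadOnlyAccess",
             "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}],
    }],
    "GroupDetailList": [{
        "GroupName": "devs",
        "GroupPolicyList": [],
        "AttachedManagedPolicies": [
            {"PolicyName": "dev-deploy",
             "PolicyArn": "arn:aws:iam::111122223333:policy/dev-deploy"}],
    }],
    "RoleDetailList": [{
        "RoleName": "ci-runner",
        "RolePolicyList": [{"PolicyName": "ci-inline"}],
        "AttachedManagedPolicies": [],
    }],
}

# (detail list key, identity name key, inline policy list key) per identity kind
KINDS = [("UserDetailList", "UserName", "UserPolicyList"),
         ("GroupDetailList", "GroupName", "GroupPolicyList"),
         ("RoleDetailList", "RoleName", "RolePolicyList")]


def managed_kind(arn):
    """AWS managed policy ARNs carry the literal 'aws' in the account field."""
    account = arn.split(":")[4]
    return "aws_managed" if account == "aws" else "customer_managed"


def classify(details):
    """Return sorted (identity, policy name, category) tuples."""
    rows = []
    for list_key, name_key, inline_key in KINDS:
        for ident in details.get(list_key, []):
            who = f"{name_key[:-4].lower()}/{ident[name_key]}"
            # Inline policies are embedded in the identity itself.
            for pol in ident.get(inline_key, []):
                rows.append((who, pol["PolicyName"], "inline"))
            # Managed policies are standalone and referenced by ARN.
            for pol in ident.get("AttachedManagedPolicies", []):
                rows.append((who, pol["PolicyName"], managed_kind(pol["PolicyArn"])))
    return sorted(rows)
```

Inline policies show up only inside the identity record, which is why they disappear when the identity is deleted, while both managed types are referenced by ARN and differ only in the account field.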