Understanding the Differences between Access Policy Types
Policies are associated with users, groups, roles, or resources and define who or what can or cannot access AWS resources. You may already be familiar with some of them, but AWS supports several policy types, including the following:
- Identity-based policies
- Resource-based policies
- Access control lists (ACLs)
- Simple Storage Service (S3) bucket policies
- Organization service control policies (SCPs)
The following sections discuss each type of policy in greater detail.
Identity-Based Policies
If you have been using AWS for any length of time, then you will be most familiar with this type of policy. Identity-based IAM policies in AWS are a way to manage permissions and control access for individual users, groups, or roles within your AWS accounts. You can attach these policies to identities created within the IAM service. These policies then define what actions those identities...
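The structural difference between an identity-based and a resource-based policy, as an added example that is not part of the original text: an identity-based policy names no `Principal` because the principal is whichever identity it is attached to, while a resource-based policy must name one. The sample documents, bucket name, account ID, and function names below are constructed for illustration, and the wildcard check is one simple least-privilege lint, not an AWS-provided one.

```python
import json

# Constructed sample policies (bucket name and account ID are placeholders).
IDENTITY_BASED = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadReports", "Effect": "Allow",
   "Action": ["s3:GetObject", "s3:ListBucket"],
   "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
  {"Sid": "TooBroad", "Effect": "Allow", "Action": "*", "Resource": "*"}
]}
""")

RESOURCE_BASED = json.loads("""
{"Version": "2012-10-17", "Statement":
  {"Sid": "CrossAccountRead", "Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
   "Action": "s3:GetObject",
   "Resource": "arn:aws:s3:::example-bucket/*"}
}
""")

def as_list(value):
    """IAM JSON accepts a single item or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]

def policy_kind(policy):
    """Classify by structure: only resource-based statements name a principal."""
    stmts = as_list(policy["Statement"])
    has_principal = any("Principal" in s or "NotPrincipal" in s for s in stmts)
    return "resource-based" if has_principal else "identity-based"

def overbroad_allows(policy):
    """Return Sids of Allow statements granting wildcard actions on all resources."""
    flagged = []
    for i, s in enumerate(as_list(policy["Statement"])):
        if s.get("Effect") != "Allow":
            continue
        actions = as_list(s.get("Action", []))
        resources = as_list(s.get("Resource", []))
        wide_action = any(a == "*" or a.endswith(":*") for a in actions)
        if wide_action and "*" in resources:
            flagged.append(s.get("Sid", f"statement[{i}]"))
    return flagged

if __name__ == "__main__":
    print(policy_kind(IDENTITY_BASED), overbroad_allows(IDENTITY_BASED))
    print(policy_kind(RESOURCE_BASED), overbroad_allows(RESOURCE_BASED))
```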