Anyone who’s used IAM in AWS knows that it can be confusing. As confusing as it can be, it is critical to understand, because it controls access to literally EVERYTHING in your AWS account. You might be tempted to grant loose permissions to your accounts, but this is a terrible practice from a security standpoint. In this article, I’ll explain how to easily create your own custom policies and restrict users to only the resources they need access to.

This article will focus specifically on the Visual editor.

What are IAM Policies?

As a refresher, IAM Policies are documents that contain rules on what users, groups, and roles can do (or not do) within AWS. These policies can be attached to multiple objects in IAM to make security easier to manage on a large scale. You can create policies by going into IAM using the unified search box, clicking Policies on the left, and then Create