Chapter 4: Access Management, Policies, and Permissions

The Access Management model of AWS is based on policies. At a high level, we can use these policies to determine what an AWS identity object or resource can do to or with a resource or service within an AWS account. Of course, this quickly becomes very complicated once we must apply and manage policies across the multiple places where they may have been applied. We may also need to customize the existing access policies within an AWS account, or even create new policies from scratch to accommodate our own use cases. This chapter does not represent a complete compendium of knowledge regarding the complexities of access management in AWS, but it will introduce you to the foundational concepts ...