Hi,
AWS provides a list of managed policies, which you can attach to a role; the role then inherits all the permissions from the managed policy.
However, you can also create your own custom policies and attach them to the role, which would be more specific and tailored to your use case.
Here is the AWS Documentation, which lists all the AWS Managed Policies that you will find already created in your AWS account. If you click any of these AWS managed policies, you'll see a detailed description of each one.
Example: Suppose you want to create an administrator role. You would create a role by attaching the AdministratorAccess managed policy to it. Similarly, you can attach one or many such AWS managed policies to a role for a specific use case. This AdministratorAccess policy is also an AWS managed policy and is listed in the above-mentioned document.
Based on the permission sets and descriptions of these AWS managed policies, you can create your own custom policies, which can be attached to a role.
Note that there are three types of policies:
- AWS Managed Policies -> AWS provisioned, can't be edited.
- Customer Managed Policies -> Customer managed policies, which we create; they can be edited and can also be attached to multiple roles.
- Inline Policies -> Same as a Customer Managed Policy, with one difference: it is attached specifically to one role and can't be reused. Often used for a specific use case by attaching it to a role.
In this Documentation, you can find a detailed description of managed and inline policies.
Hope you find it useful.
Abhishek
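As an added example (not part of the answer above): a short Python audit that sorts the policies on one role into the three types the answer lists. It relies on the fact that AWS managed policy ARNs carry `aws` in the account field while customer managed ones carry the owning account ID; the role name, account ID and policy names in the sample are constructed, and the sample is shaped like one `RoleDetailList` entry from `aws iam get-account-authorization-details`.

```python
import json

# Constructed sample shaped like one RoleDetailList entry from
# `aws iam get-account-authorization-details`; names and account ID are made up.
SAMPLE_ROLE = json.loads("""
{
  "RoleName": "example-admin-role",
  "AttachedManagedPolicies": [
    {"PolicyName": "AdministratorAccess",
     "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"},
    {"PolicyName": "example-s3-read",
     "PolicyArn": "arn:aws:iam::111122223333:policy/example-s3-read"}
  ],
  "RolePolicyList": [
    {"PolicyName": "example-inline-logs",
     "PolicyDocument": {"Version": "2012-10-17", "Statement": [
       {"Effect": "Allow", "Action": "logs:PutLogEvents", "Resource": "*"}]}}
  ]
}
""")


def managed_policy_type(arn):
    """AWS managed policies use the literal account field 'aws' in the ARN;
    customer managed policies carry the owning account ID instead."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[2] != "iam" or not parts[5].startswith("policy/"):
        raise ValueError(f"not an IAM policy ARN: {arn}")
    return "aws-managed" if parts[4] == "aws" else "customer-managed"


def classify_role_policies(role):
    """Return a list of (policy name, type) for every policy on the role."""
    result = []
    for attached in role.get("AttachedManagedPolicies", []):
        result.append((attached["PolicyName"],
                       managed_policy_type(attached["PolicyArn"])))
    for inline in role.get("RolePolicyList", []):
        # Inline policies have no ARN; they exist only inside this one role.
        result.append((inline["PolicyName"], "inline"))
    return result


if __name__ == "__main__":
    for name, kind in classify_role_policies(SAMPLE_ROLE):
        print(f"{SAMPLE_ROLE['RoleName']}: {name} -> {kind}")
```

Run over a real export, the same classification shows at a glance which roles depend on broad AWS managed policies such as AdministratorAccess and which carry one-off inline permissions that will not appear in the managed policy list.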
Do you have any further questions? Happy to help.