IAM JSON policy reference - Amazon Identity and Access Management

IAM JSON policy reference

This section presents detailed syntax, descriptions, and examples of the elements, variables, and evaluation logic of JSON policies in IAM. For more general information, see Overview of JSON policies.

This reference includes the following sections.

  • IAM JSON policy elements reference — Learn more about the elements that you can use when you create a policy. View additional policy examples and learn about conditions, supported data types, and how they are used in various services.

  • Policy evaluation logic — This section describes Amazon requests, how they are authenticated, and how Amazon uses policies to determine access to resources.

  • Grammar of the IAM JSON policy language — This section presents a formal grammar for the language that is used to create policies in IAM.

  • Amazon managed policies for job functions — This section lists all the Amazon managed policies that directly map to common job functions in the IT industry. Use these policies to grant the permissions that are needed to carry out the tasks expected of someone in a specific job function. These policies consolidate permissions for many services into a single policy.

  • Amazon global condition context keys — This section includes a list of all the Amazon global condition keys that you can use to limit permissions in an IAM policy.

  • IAM and Amazon STS condition context keys — This section includes a list of all the IAM and Amazon STS condition keys that you can use to limit permissions in an IAM policy.

  • Actions, Resources, and Condition Keys for Amazon Services — This section presents a list of all the Amazon API operations that you can use as permissions in an IAM policy. It also includes the service-specific condition keys that can be used to further refine the request.